Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2023-1990
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-19 15:39
Severity ?
EPSS score ?
0.01%
(0.02079)
Summary
A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:05:27.102Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com/", }, { name: "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", }, { name: "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-1990", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-06T15:56:23.489399Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-19T15:39:58.404Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Linux", vendor: "n/a", versions: [ { status: "affected", version: "Linux Kernel prior to Kernel 6.3 RC3", }, ], }, ], descriptions: [ { lang: "en", value: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-03T13:06:41.384Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com/", }, { name: "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", }, { name: "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-1990", datePublished: "2023-04-12T00:00:00.000Z", dateReserved: "2023-04-11T00:00:00.000Z", dateUpdated: "2025-03-19T15:39:58.404Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2023-1990\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2023-04-12T20:15:07.233\",\"lastModified\":\"2025-03-19T16:15:17.597\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.3\",\"matchCriteriaId\":\"3769AA63-B0A8-4EF1-96F9-6A6A6B305A02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8E3B0E8-FA27-4305-87BB-AF6C25B160CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A47F0FC3-CE52-4BA1-BA51-22F783938431\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html\", \"name\": \"[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html\", \"name\": \"[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T06:05:27.102Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-1990\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-06T15:56:23.489399Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-06T15:56:25.262Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"Linux Kernel prior to Kernel 6.3 RC3\"}]}], \"references\": [{\"url\": \"https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html\", \"name\": \"[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html\", \"name\": \"[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2023-05-03T13:06:41.384Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2023-1990\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-19T15:39:58.404Z\", \"dateReserved\": \"2023-04-11T00:00:00.000Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2023-04-12T00:00:00.000Z\", \"assignerShortName\": \"redhat\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
suse-su-2023:2147-1
Vulnerability from csaf_suse
Published
2023-05-09 15:04
Modified
2023-05-09 15:04
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).
- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).
The following non-security bugs were fixed:
- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
- cifs: fix negotiate context parsing (bsc#1210301).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).
Patchnames
SUSE-2023-2147,SUSE-SLE-Module-RT-15-SP3-2023-2147,SUSE-SUSE-MicroOS-5.1-2023-2147,SUSE-SUSE-MicroOS-5.2-2023-2147
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).\n- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).\n\nThe following non-security bugs were fixed:\n\n- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).\n- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2147,SUSE-SLE-Module-RT-15-SP3-2023-2147,SUSE-SUSE-MicroOS-5.1-2023-2147,SUSE-SUSE-MicroOS-5.2-2023-2147", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2147-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2147-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232147-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2147-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029301.html", }, { category: "self", summary: "SUSE Bug 1202353", url: "https://bugzilla.suse.com/1202353", }, { category: "self", summary: "SUSE Bug 1206992", url: "https://bugzilla.suse.com/1206992", }, { category: "self", summary: "SUSE Bug 1207088", url: "https://bugzilla.suse.com/1207088", }, { category: "self", summary: "SUSE Bug 1209687", url: "https://bugzilla.suse.com/1209687", }, { category: "self", summary: "SUSE Bug 1209739", url: "https://bugzilla.suse.com/1209739", }, { category: "self", summary: "SUSE Bug 1209777", url: "https://bugzilla.suse.com/1209777", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210203", url: "https://bugzilla.suse.com/1210203", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210414", url: "https://bugzilla.suse.com/1210414", }, { category: "self", summary: "SUSE Bug 1210453", url: "https://bugzilla.suse.com/1210453", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210498", url: "https://bugzilla.suse.com/1210498", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210629", url: "https://bugzilla.suse.com/1210629", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE CVE CVE-2020-36691 page", url: "https://www.suse.com/security/cve/CVE-2020-36691/", }, { category: "self", summary: "SUSE CVE CVE-2022-2196 page", url: "https://www.suse.com/security/cve/CVE-2022-2196/", }, { category: "self", summary: "SUSE CVE CVE-2023-1611 page", url: "https://www.suse.com/security/cve/CVE-2023-1611/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1838 page", url: "https://www.suse.com/security/cve/CVE-2023-1838/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1872 page", url: "https://www.suse.com/security/cve/CVE-2023-1872/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2008 page", url: "https://www.suse.com/security/cve/CVE-2023-2008/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-2176 page", url: "https://www.suse.com/security/cve/CVE-2023-2176/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-09T15:04:16Z", generator: { date: "2023-05-09T15:04:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2147-1", initial_release_date: "2023-05-09T15:04:16Z", revision_history: [ { date: "2023-05-09T15:04:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-5.3.18-150300.127.1.noarch", product: { name: "kernel-devel-rt-5.3.18-150300.127.1.noarch", product_id: "kernel-devel-rt-5.3.18-150300.127.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-5.3.18-150300.127.1.noarch", product: { name: "kernel-source-rt-5.3.18-150300.127.1.noarch", product_id: "kernel-source-rt-5.3.18-150300.127.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", product: { name: "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", product_id: "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product: { name: "cluster-md-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product_id: "cluster-md-kmp-rt_debug-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-5.3.18-150300.127.1.x86_64", product: { name: "dlm-kmp-rt-5.3.18-150300.127.1.x86_64", product_id: "dlm-kmp-rt-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product: { name: "dlm-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product_id: "dlm-kmp-rt_debug-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", product: { name: "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", product_id: "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product: { name: "gfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product_id: "gfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt-devel-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt-devel-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-extra-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt-extra-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt-extra-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-devel-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt-livepatch-devel-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt-livepatch-devel-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-optional-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt-optional-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt-optional-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt_debug-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt_debug-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-extra-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt_debug-extra-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt_debug-extra-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt_debug-livepatch-devel-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-optional-5.3.18-150300.127.1.x86_64", product: { name: "kernel-rt_debug-optional-5.3.18-150300.127.1.x86_64", product_id: "kernel-rt_debug-optional-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-5.3.18-150300.127.1.x86_64", product: { name: "kernel-syms-rt-5.3.18-150300.127.1.x86_64", product_id: "kernel-syms-rt-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt-5.3.18-150300.127.1.x86_64", product: { name: "kselftests-kmp-rt-5.3.18-150300.127.1.x86_64", product_id: "kselftests-kmp-rt-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product: { name: "kselftests-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product_id: "kselftests-kmp-rt_debug-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", product: { name: "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", product_id: "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product: { name: "ocfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product_id: "ocfs2-kmp-rt_debug-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt-5.3.18-150300.127.1.x86_64", product: { name: "reiserfs-kmp-rt-5.3.18-150300.127.1.x86_64", product_id: "reiserfs-kmp-rt-5.3.18-150300.127.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product: { name: "reiserfs-kmp-rt_debug-5.3.18-150300.127.1.x86_64", product_id: "reiserfs-kmp-rt_debug-5.3.18-150300.127.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Real Time Module 15 SP3", product: { name: "SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-rt:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.1", product: { name: "SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.2", product: { name: "SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", }, product_reference: "cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", }, product_reference: "dlm-kmp-rt-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", }, product_reference: "gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-5.3.18-150300.127.1.noarch as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", }, product_reference: "kernel-devel-rt-5.3.18-150300.127.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", }, product_reference: "kernel-rt-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", }, product_reference: "kernel-rt-devel-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", }, product_reference: "kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-5.3.18-150300.127.1.noarch as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", }, product_reference: "kernel-source-rt-5.3.18-150300.127.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", }, product_reference: "kernel-syms-rt-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", }, product_reference: "ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", }, product_reference: "kernel-rt-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.3.18-150300.127.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", }, product_reference: "kernel-rt-5.3.18-150300.127.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-36691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36691", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-36691", url: "https://www.suse.com/security/cve/CVE-2020-36691", }, { category: "external", summary: "SUSE Bug 1209613 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209613", }, { category: "external", summary: "SUSE Bug 1209777 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2020-36691", }, { cve: "CVE-2022-2196", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2196", }, ], notes: [ { category: "general", text: "A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2196", url: "https://www.suse.com/security/cve/CVE-2022-2196", }, { category: "external", summary: "SUSE Bug 1206992 for CVE-2022-2196", url: "https://bugzilla.suse.com/1206992", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2022-2196", }, { cve: "CVE-2023-1611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1611", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1611", url: "https://www.suse.com/security/cve/CVE-2023-1611", }, { category: "external", summary: "SUSE Bug 1209687 for CVE-2023-1611", url: "https://bugzilla.suse.com/1209687", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1838", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1838", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1838", url: "https://www.suse.com/security/cve/CVE-2023-1838", }, { category: "external", summary: "SUSE Bug 1210203 for CVE-2023-1838", url: "https://bugzilla.suse.com/1210203", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-1838", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1872", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1872", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation.\n\nThe io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered.\n\nWe recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1872", url: "https://www.suse.com/security/cve/CVE-2023-1872", }, { category: "external", summary: "SUSE Bug 1210414 for CVE-2023-1872", url: "https://bugzilla.suse.com/1210414", }, { category: "external", summary: "SUSE Bug 1210417 for CVE-2023-1872", url: "https://bugzilla.suse.com/1210417", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "important", }, ], title: "CVE-2023-1872", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2008", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2008", url: "https://www.suse.com/security/cve/CVE-2023-2008", }, { category: "external", summary: "SUSE Bug 1210453 for CVE-2023-2008", url: "https://bugzilla.suse.com/1210453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-2008", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-2176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2176", }, ], notes: [ { category: "general", text: "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2176", url: "https://www.suse.com/security/cve/CVE-2023-2176", }, { category: "external", summary: "SUSE Bug 1210629 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210629", }, { category: "external", summary: "SUSE Bug 1210630 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210630", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2176", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "important", }, ], title: "CVE-2023-2176", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.127.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.127.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.127.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:04:16Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2232-1
Vulnerability from csaf_suse
Published
2023-07-06 01:17
Modified
2023-07-06 01:17
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).
- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2017-5753: Fixed spectre V1 vulnerability on netlink (bsc#1209547).
- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
- CVE-2020-36691: Fixed a denial of service (unbounded recursion) vulnerability via a nested Netlink policy with a back reference (bsc#1209613 bsc#1209777).
- CVE-2023-0394: Fixed a null pointer dereference flaw in the network subcomponent in the Linux kernel which could lead to system crash (bsc#1207168).
- CVE-2021-3923: Fixed stack information leak vulnerability that could lead to kernel protection bypass in infiniband RDMA (bsc#1209778).
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).
- CVE-2022-20567: Fixed use after free that could lead to a local privilege escalation in pppol2tp_create of l2tp_ppp.c (bsc#1208850).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm (bsc#1207845).
- CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets (bsc#1208599).
- CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).
- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1855: Fixed an use-after-free flaw in xgene_hwmon_remove (bsc#1210202).
- CVE-2023-1989: Fixed an use-after-free flaw in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed an use-after-free flaw in ndlc_remove (bsc#1210337).
- CVE-2023-1998: Fixed an use-after-free flaw during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
- CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c (bsc#1209052).
- CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).
- CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
The following non-security bugs were fixed:
- Do not sign the vanilla kernel (bsc#1209008).
- Fix kABI breakage (bsc#1208333)
- PCI: hv: Add a per-bus mutex state_lock (bsc#1207185).
- PCI: hv: Fix a race condition bug in hv_pci_query_relations() (bsc#1207185).
- PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic (bsc#1207185).
- PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev (bsc#1207185).
- Remove obsolete KMP obsoletes (bsc#1210469).
- Replace mkinitrd dependency with dracut (bsc#1202353).
- cifs: fix double free in dfs mounts (bsc#1209845).
- cifs: fix negotiate context parsing (bsc#1210301).
- cifs: handle reconnect of tcon when there is no cached dfs referral (bsc#1209845).
- cifs: missing null pointer check in cifs_mount (bsc#1209845).
- cifs: serialize all mount attempts (bsc#1209845).
- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).
- ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).
- k-m-s: Drop Linux 2.6 support
- kernel-module-subpackage: Fix expansion with -b parameter (bsc#1208179).
Patchnames
SUSE-2023-2232,SUSE-OpenStack-Cloud-9-2023-2232,SUSE-OpenStack-Cloud-Crowbar-9-2023-2232,SUSE-SLE-HA-12-SP4-2023-2232,SUSE-SLE-Live-Patching-12-SP4-2023-2232,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-2232,SUSE-SLE-SERVER-12-SP4-LTSS-2023-2232
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).\n- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2017-5753: Fixed spectre V1 vulnerability on netlink (bsc#1209547).\n- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).\n- CVE-2020-36691: Fixed a denial of service (unbounded recursion) vulnerability via a nested Netlink policy with a back reference (bsc#1209613 bsc#1209777).\n- CVE-2023-0394: Fixed a null pointer dereference flaw in the network subcomponent in the Linux kernel which could lead to system crash (bsc#1207168).\n- CVE-2021-3923: Fixed stack information leak vulnerability that could lead to kernel protection bypass in infiniband RDMA (bsc#1209778).\n- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).\n- CVE-2022-20567: Fixed use after free that could lead to a local privilege escalation in pppol2tp_create of l2tp_ppp.c (bsc#1208850).\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm (bsc#1207845).\n- CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets (bsc#1208599).\n- CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).\n- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2023-1855: Fixed an use-after-free flaw in xgene_hwmon_remove (bsc#1210202).\n- CVE-2023-1989: Fixed an use-after-free flaw in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed an use-after-free flaw in ndlc_remove (bsc#1210337).\n- CVE-2023-1998: Fixed an use-after-free flaw during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).\n- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).\n- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).\n- CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c (bsc#1209052).\n- CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).\n- CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n\nThe following non-security bugs were fixed:\n\n- Do not sign the vanilla kernel (bsc#1209008).\n- Fix kABI breakage (bsc#1208333)\n- PCI: hv: Add a per-bus mutex state_lock (bsc#1207185).\n- PCI: hv: Fix a race condition bug in hv_pci_query_relations() (bsc#1207185).\n- PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic (bsc#1207185).\n- PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev (bsc#1207185).\n- Remove obsolete KMP obsoletes (bsc#1210469).\n- Replace mkinitrd dependency with dracut (bsc#1202353).\n- cifs: fix double free in dfs mounts (bsc#1209845).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- cifs: handle reconnect of tcon when there is no cached dfs referral (bsc#1209845).\n- cifs: missing null pointer check in cifs_mount (bsc#1209845).\n- cifs: serialize all mount attempts (bsc#1209845).\n- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).\n- ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).\n- k-m-s: Drop Linux 2.6 support\n- kernel-module-subpackage: Fix expansion with -b parameter (bsc#1208179).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2232,SUSE-OpenStack-Cloud-9-2023-2232,SUSE-OpenStack-Cloud-Crowbar-9-2023-2232,SUSE-SLE-HA-12-SP4-2023-2232,SUSE-SLE-Live-Patching-12-SP4-2023-2232,SUSE-SLE-SERVER-12-SP4-ESPOS-2023-2232,SUSE-SLE-SERVER-12-SP4-LTSS-2023-2232", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2232-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2232-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232232-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2232-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029439.html", }, { category: "self", summary: "SUSE Bug 1076830", url: "https://bugzilla.suse.com/1076830", }, { category: "self", summary: "SUSE Bug 1194535", url: "https://bugzilla.suse.com/1194535", }, { category: "self", summary: "SUSE Bug 1202353", url: "https://bugzilla.suse.com/1202353", }, { category: "self", summary: "SUSE Bug 1205128", url: "https://bugzilla.suse.com/1205128", }, { category: "self", summary: "SUSE Bug 1207036", url: "https://bugzilla.suse.com/1207036", }, { category: "self", summary: "SUSE Bug 1207125", url: "https://bugzilla.suse.com/1207125", }, { category: "self", summary: "SUSE Bug 1207168", url: "https://bugzilla.suse.com/1207168", }, { category: "self", summary: "SUSE Bug 1207185", url: "https://bugzilla.suse.com/1207185", }, { category: "self", summary: "SUSE Bug 1207795", url: "https://bugzilla.suse.com/1207795", }, { category: "self", summary: "SUSE Bug 1207845", url: "https://bugzilla.suse.com/1207845", }, { category: "self", summary: "SUSE Bug 1208179", url: "https://bugzilla.suse.com/1208179", }, { category: "self", summary: "SUSE Bug 1208333", url: "https://bugzilla.suse.com/1208333", }, { category: "self", summary: "SUSE Bug 1208599", url: "https://bugzilla.suse.com/1208599", }, { category: "self", summary: "SUSE Bug 1208777", url: "https://bugzilla.suse.com/1208777", }, { category: "self", summary: "SUSE Bug 1208837", url: "https://bugzilla.suse.com/1208837", }, { category: "self", summary: "SUSE Bug 1208850", url: "https://bugzilla.suse.com/1208850", }, { category: "self", summary: "SUSE Bug 1209008", url: "https://bugzilla.suse.com/1209008", }, { category: "self", summary: "SUSE Bug 1209052", url: "https://bugzilla.suse.com/1209052", }, { category: "self", summary: "SUSE Bug 1209256", url: "https://bugzilla.suse.com/1209256", }, { category: "self", summary: "SUSE Bug 1209289", url: "https://bugzilla.suse.com/1209289", }, { category: "self", summary: "SUSE Bug 1209291", url: "https://bugzilla.suse.com/1209291", }, { category: "self", summary: "SUSE Bug 1209532", url: "https://bugzilla.suse.com/1209532", }, { category: "self", summary: "SUSE Bug 1209547", url: "https://bugzilla.suse.com/1209547", }, { category: "self", summary: "SUSE Bug 1209549", url: "https://bugzilla.suse.com/1209549", }, { category: "self", summary: "SUSE Bug 1209613", url: "https://bugzilla.suse.com/1209613", }, { category: "self", summary: "SUSE Bug 1209687", url: "https://bugzilla.suse.com/1209687", }, { category: "self", summary: "SUSE Bug 1209777", url: "https://bugzilla.suse.com/1209777", }, { category: "self", summary: "SUSE Bug 1209778", url: "https://bugzilla.suse.com/1209778", }, { category: "self", summary: "SUSE Bug 1209845", url: "https://bugzilla.suse.com/1209845", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1209887", url: "https://bugzilla.suse.com/1209887", }, { category: "self", summary: "SUSE Bug 1210124", url: "https://bugzilla.suse.com/1210124", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210498", url: "https://bugzilla.suse.com/1210498", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE Bug 1211037", url: "https://bugzilla.suse.com/1211037", }, { category: "self", summary: "SUSE CVE CVE-2017-5753 page", url: "https://www.suse.com/security/cve/CVE-2017-5753/", }, { category: "self", summary: "SUSE CVE CVE-2020-36691 page", url: "https://www.suse.com/security/cve/CVE-2020-36691/", }, { category: "self", summary: "SUSE CVE CVE-2021-3923 page", url: "https://www.suse.com/security/cve/CVE-2021-3923/", }, { category: "self", summary: "SUSE CVE CVE-2021-4203 page", url: "https://www.suse.com/security/cve/CVE-2021-4203/", }, { category: "self", summary: "SUSE CVE CVE-2022-20567 page", url: "https://www.suse.com/security/cve/CVE-2022-20567/", }, { category: "self", summary: "SUSE CVE CVE-2022-43945 page", url: "https://www.suse.com/security/cve/CVE-2022-43945/", }, { category: "self", summary: "SUSE CVE CVE-2023-0394 page", url: "https://www.suse.com/security/cve/CVE-2023-0394/", }, { category: "self", summary: "SUSE CVE CVE-2023-0590 page", url: "https://www.suse.com/security/cve/CVE-2023-0590/", }, { category: "self", summary: "SUSE CVE CVE-2023-0597 page", url: "https://www.suse.com/security/cve/CVE-2023-0597/", }, { category: "self", summary: "SUSE CVE CVE-2023-1076 page", url: "https://www.suse.com/security/cve/CVE-2023-1076/", }, { category: "self", summary: "SUSE CVE CVE-2023-1095 page", url: "https://www.suse.com/security/cve/CVE-2023-1095/", }, { category: "self", summary: "SUSE CVE CVE-2023-1118 page", url: "https://www.suse.com/security/cve/CVE-2023-1118/", }, { category: "self", summary: "SUSE CVE CVE-2023-1390 page", url: "https://www.suse.com/security/cve/CVE-2023-1390/", }, { category: "self", summary: "SUSE CVE CVE-2023-1513 page", url: "https://www.suse.com/security/cve/CVE-2023-1513/", }, { category: "self", summary: "SUSE CVE CVE-2023-1611 page", url: "https://www.suse.com/security/cve/CVE-2023-1611/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-23454 page", url: "https://www.suse.com/security/cve/CVE-2023-23454/", }, { category: "self", summary: "SUSE CVE CVE-2023-23455 page", url: "https://www.suse.com/security/cve/CVE-2023-23455/", }, { category: "self", summary: "SUSE CVE CVE-2023-2483 page", url: "https://www.suse.com/security/cve/CVE-2023-2483/", }, { category: "self", summary: "SUSE CVE CVE-2023-28328 page", url: "https://www.suse.com/security/cve/CVE-2023-28328/", }, { category: "self", summary: "SUSE CVE CVE-2023-28464 page", url: "https://www.suse.com/security/cve/CVE-2023-28464/", }, { category: "self", summary: "SUSE CVE CVE-2023-28772 page", url: "https://www.suse.com/security/cve/CVE-2023-28772/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-07-06T01:17:55Z", generator: { date: "2023-07-06T01:17:55Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2232-1", initial_release_date: "2023-07-06T01:17:55Z", revision_history: [ { date: "2023-07-06T01:17:55Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.125.1.aarch64", product: { name: "cluster-md-kmp-default-4.12.14-95.125.1.aarch64", product_id: "cluster-md-kmp-default-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.125.1.aarch64", product: { name: "dlm-kmp-default-4.12.14-95.125.1.aarch64", product_id: "dlm-kmp-default-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "drbd-9.0.14+git.62f906cf-4.26.2.aarch64", product: { name: "drbd-9.0.14+git.62f906cf-4.26.2.aarch64", product_id: "drbd-9.0.14+git.62f906cf-4.26.2.aarch64", }, }, { category: "product_version", name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.aarch64", product: { name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.aarch64", product_id: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.125.1.aarch64", product: { name: "gfs2-kmp-default-4.12.14-95.125.1.aarch64", product_id: "gfs2-kmp-default-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.125.1.aarch64", product: { name: "kernel-default-4.12.14-95.125.1.aarch64", product_id: "kernel-default-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.125.1.aarch64", product: { name: "kernel-default-base-4.12.14-95.125.1.aarch64", product_id: "kernel-default-base-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.125.1.aarch64", product: { name: "kernel-default-devel-4.12.14-95.125.1.aarch64", product_id: "kernel-default-devel-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-95.125.1.aarch64", product: { name: "kernel-default-extra-4.12.14-95.125.1.aarch64", product_id: "kernel-default-extra-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-95.125.1.aarch64", product: { name: "kernel-default-kgraft-4.12.14-95.125.1.aarch64", product_id: "kernel-default-kgraft-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-devel-4.12.14-95.125.1.aarch64", product: { name: "kernel-default-kgraft-devel-4.12.14-95.125.1.aarch64", product_id: "kernel-default-kgraft-devel-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.125.1.aarch64", product: { name: "kernel-obs-build-4.12.14-95.125.1.aarch64", product_id: "kernel-obs-build-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-95.125.1.aarch64", product: { name: "kernel-obs-qa-4.12.14-95.125.1.aarch64", product_id: "kernel-obs-qa-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.125.1.aarch64", product: { name: "kernel-syms-4.12.14-95.125.1.aarch64", product_id: "kernel-syms-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-95.125.1.aarch64", product: { name: "kernel-vanilla-4.12.14-95.125.1.aarch64", product_id: "kernel-vanilla-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-95.125.1.aarch64", product: { name: "kernel-vanilla-base-4.12.14-95.125.1.aarch64", product_id: "kernel-vanilla-base-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-95.125.1.aarch64", product: { name: "kernel-vanilla-devel-4.12.14-95.125.1.aarch64", product_id: "kernel-vanilla-devel-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.aarch64", product: { name: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.aarch64", product_id: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-95.125.1.aarch64", product: { name: "kselftests-kmp-default-4.12.14-95.125.1.aarch64", product_id: "kselftests-kmp-default-4.12.14-95.125.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.125.1.aarch64", product: { name: "ocfs2-kmp-default-4.12.14-95.125.1.aarch64", product_id: "ocfs2-kmp-default-4.12.14-95.125.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-95.125.1.noarch", product: { name: "kernel-devel-4.12.14-95.125.1.noarch", product_id: "kernel-devel-4.12.14-95.125.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-95.125.1.noarch", product: { name: "kernel-docs-4.12.14-95.125.1.noarch", product_id: "kernel-docs-4.12.14-95.125.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.12.14-95.125.1.noarch", product: { name: "kernel-docs-html-4.12.14-95.125.1.noarch", product_id: "kernel-docs-html-4.12.14-95.125.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-95.125.1.noarch", product: { name: "kernel-macros-4.12.14-95.125.1.noarch", product_id: "kernel-macros-4.12.14-95.125.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-95.125.1.noarch", product: { name: "kernel-source-4.12.14-95.125.1.noarch", product_id: "kernel-source-4.12.14-95.125.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.12.14-95.125.1.noarch", product: { name: "kernel-source-vanilla-4.12.14-95.125.1.noarch", product_id: "kernel-source-vanilla-4.12.14-95.125.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", product: { name: "cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", product_id: "cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.125.1.ppc64le", product: { name: "dlm-kmp-default-4.12.14-95.125.1.ppc64le", product_id: "dlm-kmp-default-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", product: { name: "drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", product_id: "drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", }, }, { category: "product_version", name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", product: { name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", product_id: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.125.1.ppc64le", product: { name: "gfs2-kmp-default-4.12.14-95.125.1.ppc64le", product_id: "gfs2-kmp-default-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.12.14-95.125.1.ppc64le", product: { name: "kernel-debug-4.12.14-95.125.1.ppc64le", product_id: "kernel-debug-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-95.125.1.ppc64le", product: { name: "kernel-debug-base-4.12.14-95.125.1.ppc64le", product_id: "kernel-debug-base-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-95.125.1.ppc64le", product: { name: "kernel-debug-devel-4.12.14-95.125.1.ppc64le", product_id: "kernel-debug-devel-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-kgraft-devel-4.12.14-95.125.1.ppc64le", product: { name: "kernel-debug-kgraft-devel-4.12.14-95.125.1.ppc64le", product_id: "kernel-debug-kgraft-devel-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.125.1.ppc64le", product: { name: "kernel-default-4.12.14-95.125.1.ppc64le", product_id: "kernel-default-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.125.1.ppc64le", product: { name: "kernel-default-base-4.12.14-95.125.1.ppc64le", product_id: "kernel-default-base-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.125.1.ppc64le", product: { name: "kernel-default-devel-4.12.14-95.125.1.ppc64le", product_id: "kernel-default-devel-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-95.125.1.ppc64le", product: { name: "kernel-default-extra-4.12.14-95.125.1.ppc64le", product_id: "kernel-default-extra-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-95.125.1.ppc64le", product: { name: "kernel-default-kgraft-4.12.14-95.125.1.ppc64le", product_id: "kernel-default-kgraft-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", product: { name: "kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", product_id: "kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.125.1.ppc64le", product: { name: "kernel-obs-build-4.12.14-95.125.1.ppc64le", product_id: "kernel-obs-build-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-95.125.1.ppc64le", product: { name: "kernel-obs-qa-4.12.14-95.125.1.ppc64le", product_id: "kernel-obs-qa-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.125.1.ppc64le", product: { name: "kernel-syms-4.12.14-95.125.1.ppc64le", product_id: "kernel-syms-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-95.125.1.ppc64le", product: { name: "kernel-vanilla-4.12.14-95.125.1.ppc64le", product_id: "kernel-vanilla-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-95.125.1.ppc64le", product: { name: "kernel-vanilla-base-4.12.14-95.125.1.ppc64le", product_id: "kernel-vanilla-base-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-95.125.1.ppc64le", product: { name: "kernel-vanilla-devel-4.12.14-95.125.1.ppc64le", product_id: "kernel-vanilla-devel-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.ppc64le", product: { name: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.ppc64le", product_id: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", product: { name: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", product_id: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-95.125.1.ppc64le", product: { name: "kselftests-kmp-default-4.12.14-95.125.1.ppc64le", product_id: "kselftests-kmp-default-4.12.14-95.125.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", product: { name: "ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", product_id: "ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.125.1.s390x", product: { name: "cluster-md-kmp-default-4.12.14-95.125.1.s390x", product_id: "cluster-md-kmp-default-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.125.1.s390x", product: { name: "dlm-kmp-default-4.12.14-95.125.1.s390x", product_id: "dlm-kmp-default-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "drbd-9.0.14+git.62f906cf-4.26.2.s390x", product: { name: "drbd-9.0.14+git.62f906cf-4.26.2.s390x", product_id: "drbd-9.0.14+git.62f906cf-4.26.2.s390x", }, }, { category: "product_version", name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", product: { name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", product_id: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.125.1.s390x", product: { name: "gfs2-kmp-default-4.12.14-95.125.1.s390x", product_id: "gfs2-kmp-default-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.125.1.s390x", product: { name: "kernel-default-4.12.14-95.125.1.s390x", product_id: "kernel-default-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.125.1.s390x", product: { name: "kernel-default-base-4.12.14-95.125.1.s390x", product_id: "kernel-default-base-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.125.1.s390x", product: { name: "kernel-default-devel-4.12.14-95.125.1.s390x", product_id: "kernel-default-devel-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-95.125.1.s390x", product: { name: "kernel-default-extra-4.12.14-95.125.1.s390x", product_id: "kernel-default-extra-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-95.125.1.s390x", product: { name: "kernel-default-kgraft-4.12.14-95.125.1.s390x", product_id: "kernel-default-kgraft-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", product: { name: "kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", product_id: "kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.12.14-95.125.1.s390x", product: { name: "kernel-default-man-4.12.14-95.125.1.s390x", product_id: "kernel-default-man-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.125.1.s390x", product: { name: "kernel-obs-build-4.12.14-95.125.1.s390x", product_id: "kernel-obs-build-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-95.125.1.s390x", product: { name: "kernel-obs-qa-4.12.14-95.125.1.s390x", product_id: "kernel-obs-qa-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.125.1.s390x", product: { name: "kernel-syms-4.12.14-95.125.1.s390x", product_id: "kernel-syms-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-95.125.1.s390x", product: { name: "kernel-vanilla-4.12.14-95.125.1.s390x", product_id: "kernel-vanilla-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-95.125.1.s390x", product: { name: "kernel-vanilla-base-4.12.14-95.125.1.s390x", product_id: "kernel-vanilla-base-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-95.125.1.s390x", product: { name: "kernel-vanilla-devel-4.12.14-95.125.1.s390x", product_id: "kernel-vanilla-devel-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.s390x", product: { name: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.s390x", product_id: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.12.14-95.125.1.s390x", product: { name: "kernel-zfcpdump-4.12.14-95.125.1.s390x", product_id: "kernel-zfcpdump-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-man-4.12.14-95.125.1.s390x", product: { name: "kernel-zfcpdump-man-4.12.14-95.125.1.s390x", product_id: "kernel-zfcpdump-man-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", product: { name: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", product_id: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-95.125.1.s390x", product: { name: "kselftests-kmp-default-4.12.14-95.125.1.s390x", product_id: "kselftests-kmp-default-4.12.14-95.125.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.125.1.s390x", product: { name: "ocfs2-kmp-default-4.12.14-95.125.1.s390x", product_id: "ocfs2-kmp-default-4.12.14-95.125.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.125.1.x86_64", product: { name: "cluster-md-kmp-default-4.12.14-95.125.1.x86_64", product_id: "cluster-md-kmp-default-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.125.1.x86_64", product: { name: "dlm-kmp-default-4.12.14-95.125.1.x86_64", product_id: "dlm-kmp-default-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "drbd-9.0.14+git.62f906cf-4.26.2.x86_64", product: { name: "drbd-9.0.14+git.62f906cf-4.26.2.x86_64", product_id: "drbd-9.0.14+git.62f906cf-4.26.2.x86_64", }, }, { category: "product_version", name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", product: { name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", product_id: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", }, }, { category: "product_version", name: "drbd-kmp-rt-9.0.14+git.62f906cf_k4.12.14_3.3-4.26.2.x86_64", product: { name: "drbd-kmp-rt-9.0.14+git.62f906cf_k4.12.14_3.3-4.26.2.x86_64", product_id: "drbd-kmp-rt-9.0.14+git.62f906cf_k4.12.14_3.3-4.26.2.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.125.1.x86_64", product: { name: "gfs2-kmp-default-4.12.14-95.125.1.x86_64", product_id: "gfs2-kmp-default-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.12.14-95.125.1.x86_64", product: { name: "kernel-debug-4.12.14-95.125.1.x86_64", product_id: "kernel-debug-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-95.125.1.x86_64", product: { name: "kernel-debug-base-4.12.14-95.125.1.x86_64", product_id: "kernel-debug-base-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-95.125.1.x86_64", product: { name: "kernel-debug-devel-4.12.14-95.125.1.x86_64", product_id: "kernel-debug-devel-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-kgraft-devel-4.12.14-95.125.1.x86_64", product: { name: "kernel-debug-kgraft-devel-4.12.14-95.125.1.x86_64", product_id: "kernel-debug-kgraft-devel-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.125.1.x86_64", product: { name: "kernel-default-4.12.14-95.125.1.x86_64", product_id: "kernel-default-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.125.1.x86_64", product: { name: "kernel-default-base-4.12.14-95.125.1.x86_64", product_id: "kernel-default-base-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.125.1.x86_64", product: { name: "kernel-default-devel-4.12.14-95.125.1.x86_64", product_id: "kernel-default-devel-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-95.125.1.x86_64", product: { name: "kernel-default-extra-4.12.14-95.125.1.x86_64", product_id: "kernel-default-extra-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-95.125.1.x86_64", product: { name: "kernel-default-kgraft-4.12.14-95.125.1.x86_64", product_id: "kernel-default-kgraft-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", product: { name: "kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", product_id: "kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-4.12.14-95.125.1.x86_64", product: { name: "kernel-kvmsmall-4.12.14-95.125.1.x86_64", product_id: "kernel-kvmsmall-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-base-4.12.14-95.125.1.x86_64", product: { name: "kernel-kvmsmall-base-4.12.14-95.125.1.x86_64", product_id: "kernel-kvmsmall-base-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-4.12.14-95.125.1.x86_64", product: { name: "kernel-kvmsmall-devel-4.12.14-95.125.1.x86_64", product_id: "kernel-kvmsmall-devel-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-kgraft-devel-4.12.14-95.125.1.x86_64", product: { name: "kernel-kvmsmall-kgraft-devel-4.12.14-95.125.1.x86_64", product_id: "kernel-kvmsmall-kgraft-devel-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.125.1.x86_64", product: { name: "kernel-obs-build-4.12.14-95.125.1.x86_64", product_id: "kernel-obs-build-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-95.125.1.x86_64", product: { name: "kernel-obs-qa-4.12.14-95.125.1.x86_64", product_id: "kernel-obs-qa-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.125.1.x86_64", product: { name: "kernel-syms-4.12.14-95.125.1.x86_64", product_id: "kernel-syms-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-95.125.1.x86_64", product: { name: "kernel-vanilla-4.12.14-95.125.1.x86_64", product_id: "kernel-vanilla-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-95.125.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-95.125.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-95.125.1.x86_64", product: { name: "kernel-vanilla-devel-4.12.14-95.125.1.x86_64", product_id: "kernel-vanilla-devel-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.x86_64", product: { name: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.x86_64", product_id: "kernel-vanilla-kgraft-devel-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", product: { name: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", product_id: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-95.125.1.x86_64", product: { name: "kselftests-kmp-default-4.12.14-95.125.1.x86_64", product_id: "kselftests-kmp-default-4.12.14-95.125.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.125.1.x86_64", product: { name: "ocfs2-kmp-default-4.12.14-95.125.1.x86_64", product_id: "ocfs2-kmp-default-4.12.14-95.125.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 9", product: { name: "SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:9", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 9", product: { name: "SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:9", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP4", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 12 SP4", product: { name: "SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-live-patching:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4-ESPOS", product: { name: "SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sles-espos:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.125.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.125.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.125.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.125.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.125.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.125.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", }, product_reference: "kernel-source-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.125.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.125.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.125.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.125.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.125.1.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.125.1.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.125.1.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", }, product_reference: "kernel-source-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.125.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", }, product_reference: "cluster-md-kmp-default-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", }, product_reference: "dlm-kmp-default-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", }, product_reference: "dlm-kmp-default-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", }, product_reference: "dlm-kmp-default-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "drbd-9.0.14+git.62f906cf-4.26.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", }, product_reference: "drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "drbd-9.0.14+git.62f906cf-4.26.2.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", }, product_reference: "drbd-9.0.14+git.62f906cf-4.26.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "drbd-9.0.14+git.62f906cf-4.26.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", }, product_reference: "drbd-9.0.14+git.62f906cf-4.26.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", }, product_reference: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", }, product_reference: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", }, product_reference: "drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", }, product_reference: "gfs2-kmp-default-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", }, product_reference: "gfs2-kmp-default-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", }, product_reference: "ocfs2-kmp-default-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", }, product_reference: "kernel-default-kgraft-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", }, product_reference: "kernel-default-kgraft-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-kgraft-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", }, product_reference: "kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-devel-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", }, product_reference: "kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", }, product_reference: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", }, product_reference: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", }, product_reference: "kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.125.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", }, product_reference: "kernel-default-4.12.14-95.125.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.125.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-95.125.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.125.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-95.125.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.125.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.125.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.125.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", }, product_reference: "kernel-source-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.125.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", }, product_reference: "kernel-syms-4.12.14-95.125.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-ESPOS", product_id: "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.125.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", }, product_reference: "kernel-default-4.12.14-95.125.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", }, product_reference: "kernel-default-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", }, product_reference: "kernel-default-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.125.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-95.125.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", }, product_reference: "kernel-default-base-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.125.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-95.125.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", }, product_reference: "kernel-default-man-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.125.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.125.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.125.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", }, product_reference: "kernel-source-4.12.14-95.125.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.125.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", }, product_reference: "kernel-syms-4.12.14-95.125.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.125.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-95.125.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.125.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", }, product_reference: "kernel-syms-4.12.14-95.125.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.125.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.125.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2017-5753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5753", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5753", url: "https://www.suse.com/security/cve/CVE-2017-5753", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5753", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1075748 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075748", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5753", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087084 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087084", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5753", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5753", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5753", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5753", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1209547 for CVE-2017-5753", url: "https://bugzilla.suse.com/1209547", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "important", }, ], title: "CVE-2017-5753", }, { cve: "CVE-2020-36691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36691", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-36691", url: "https://www.suse.com/security/cve/CVE-2020-36691", }, { category: "external", summary: "SUSE Bug 1209613 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209613", }, { category: "external", summary: "SUSE Bug 1209777 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2020-36691", }, { cve: "CVE-2021-3923", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3923", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3923", url: "https://www.suse.com/security/cve/CVE-2021-3923", }, { category: "external", summary: "SUSE Bug 1209778 for CVE-2021-3923", url: "https://bugzilla.suse.com/1209778", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "low", }, ], title: "CVE-2021-3923", }, { cve: "CVE-2021-4203", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-4203", }, ], notes: [ { category: "general", text: "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-4203", url: "https://www.suse.com/security/cve/CVE-2021-4203", }, { category: "external", summary: "SUSE Bug 1194535 for CVE-2021-4203", url: "https://bugzilla.suse.com/1194535", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2021-4203", }, { cve: "CVE-2022-20567", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-20567", }, ], notes: [ { category: "general", text: "In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186777253References: Upstream kernel", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-20567", url: "https://www.suse.com/security/cve/CVE-2022-20567", }, { category: "external", summary: "SUSE Bug 1208850 for CVE-2022-20567", url: "https://bugzilla.suse.com/1208850", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2022-20567", }, { cve: "CVE-2022-43945", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-43945", }, ], notes: [ { category: "general", text: "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-43945", url: "https://www.suse.com/security/cve/CVE-2022-43945", }, { category: "external", summary: "SUSE Bug 1205128 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205128", }, { category: "external", summary: "SUSE Bug 1205130 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205130", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208085", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-43945", url: "https://bugzilla.suse.com/1209225", }, { category: "external", summary: "SUSE Bug 1210124 for CVE-2022-43945", url: "https://bugzilla.suse.com/1210124", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "important", }, ], title: "CVE-2022-43945", }, { cve: "CVE-2023-0394", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0394", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0394", url: "https://www.suse.com/security/cve/CVE-2023-0394", }, { category: "external", summary: "SUSE Bug 1207168 for CVE-2023-0394", url: "https://bugzilla.suse.com/1207168", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-0394", }, { cve: "CVE-2023-0590", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0590", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0590", url: "https://www.suse.com/security/cve/CVE-2023-0590", }, { category: "external", summary: "SUSE Bug 1207795 for CVE-2023-0590", url: "https://bugzilla.suse.com/1207795", }, { category: "external", summary: "SUSE Bug 1207822 for CVE-2023-0590", url: "https://bugzilla.suse.com/1207822", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2023-0590", url: "https://bugzilla.suse.com/1211495", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-0590", url: "https://bugzilla.suse.com/1211833", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "important", }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-0597", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0597", }, ], notes: [ { category: "general", text: "A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected location in memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0597", url: "https://www.suse.com/security/cve/CVE-2023-0597", }, { category: "external", summary: "SUSE Bug 1207845 for CVE-2023-0597", url: "https://bugzilla.suse.com/1207845", }, { category: "external", summary: "SUSE Bug 1212395 for CVE-2023-0597", url: "https://bugzilla.suse.com/1212395", }, { category: "external", summary: "SUSE Bug 1213271 for CVE-2023-0597", url: "https://bugzilla.suse.com/1213271", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-0597", }, { cve: "CVE-2023-1076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1076", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1076", url: "https://www.suse.com/security/cve/CVE-2023-1076", }, { category: "external", summary: "SUSE Bug 1208599 for CVE-2023-1076", url: "https://bugzilla.suse.com/1208599", }, { category: "external", summary: "SUSE Bug 1214019 for CVE-2023-1076", url: "https://bugzilla.suse.com/1214019", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-1076", }, { cve: "CVE-2023-1095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1095", }, ], notes: [ { category: "general", text: "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1095", url: "https://www.suse.com/security/cve/CVE-2023-1095", }, { category: "external", summary: "SUSE Bug 1208777 for CVE-2023-1095", url: "https://bugzilla.suse.com/1208777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-1095", }, { cve: "CVE-2023-1118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1118", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1118", url: "https://www.suse.com/security/cve/CVE-2023-1118", }, { category: "external", summary: "SUSE Bug 1208837 for CVE-2023-1118", url: "https://bugzilla.suse.com/1208837", }, { category: "external", summary: "SUSE Bug 1208910 for CVE-2023-1118", url: "https://bugzilla.suse.com/1208910", }, { category: "external", summary: "SUSE Bug 1210423 for CVE-2023-1118", url: "https://bugzilla.suse.com/1210423", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2023-1118", url: "https://bugzilla.suse.com/1211495", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1118", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1118", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-1118", }, { cve: "CVE-2023-1390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1390", }, ], notes: [ { category: "general", text: "A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1390", url: "https://www.suse.com/security/cve/CVE-2023-1390", }, { category: "external", summary: "SUSE Bug 1209289 for CVE-2023-1390", url: "https://bugzilla.suse.com/1209289", }, { category: "external", summary: "SUSE Bug 1210779 for CVE-2023-1390", url: "https://bugzilla.suse.com/1210779", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2023-1390", url: "https://bugzilla.suse.com/1211495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "important", }, ], title: "CVE-2023-1390", }, { cve: "CVE-2023-1513", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1513", }, ], notes: [ { category: "general", text: "A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1513", url: "https://www.suse.com/security/cve/CVE-2023-1513", }, { category: "external", summary: "SUSE Bug 1209532 for CVE-2023-1513", url: "https://bugzilla.suse.com/1209532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "low", }, ], title: "CVE-2023-1513", }, { cve: "CVE-2023-1611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1611", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1611", url: "https://www.suse.com/security/cve/CVE-2023-1611", }, { category: "external", summary: "SUSE Bug 1209687 for CVE-2023-1611", url: "https://bugzilla.suse.com/1209687", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-23454", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-23454", }, ], notes: [ { category: "general", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-23454", url: "https://www.suse.com/security/cve/CVE-2023-23454", }, { category: "external", summary: "SUSE Bug 1207036 for CVE-2023-23454", url: "https://bugzilla.suse.com/1207036", }, { category: "external", summary: "SUSE Bug 1207188 for CVE-2023-23454", url: "https://bugzilla.suse.com/1207188", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2023-23454", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208044 for CVE-2023-23454", url: "https://bugzilla.suse.com/1208044", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2023-23454", url: "https://bugzilla.suse.com/1208085", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-23454", url: "https://bugzilla.suse.com/1211833", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "important", }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-23455", }, ], notes: [ { category: "general", text: "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-23455", url: "https://www.suse.com/security/cve/CVE-2023-23455", }, { category: "external", summary: "SUSE Bug 1207125 for CVE-2023-23455", url: "https://bugzilla.suse.com/1207125", }, { category: "external", summary: "SUSE Bug 1207189 for CVE-2023-23455", url: "https://bugzilla.suse.com/1207189", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-23455", url: "https://bugzilla.suse.com/1211833", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "important", }, ], title: "CVE-2023-23455", }, { cve: "CVE-2023-2483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2483", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2483", url: "https://www.suse.com/security/cve/CVE-2023-2483", }, { category: "external", summary: "SUSE Bug 1211037 for CVE-2023-2483", url: "https://bugzilla.suse.com/1211037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-2483", }, { cve: "CVE-2023-28328", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28328", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28328", url: "https://www.suse.com/security/cve/CVE-2023-28328", }, { category: "external", summary: "SUSE Bug 1209291 for CVE-2023-28328", url: "https://bugzilla.suse.com/1209291", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-28328", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-28328", }, { cve: "CVE-2023-28464", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28464", }, ], notes: [ { category: "general", text: "hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28464", url: "https://www.suse.com/security/cve/CVE-2023-28464", }, { category: "external", summary: "SUSE Bug 1209052 for CVE-2023-28464", url: "https://bugzilla.suse.com/1209052", }, { category: "external", summary: "SUSE Bug 1211111 for CVE-2023-28464", url: "https://bugzilla.suse.com/1211111", }, { category: "external", summary: "SUSE Bug 1220130 for CVE-2023-28464", url: "https://bugzilla.suse.com/1220130", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "important", }, ], title: "CVE-2023-28464", }, { cve: "CVE-2023-28772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28772", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28772", url: "https://www.suse.com/security/cve/CVE-2023-28772", }, { category: "external", summary: "SUSE Bug 1209549 for CVE-2023-28772", url: "https://bugzilla.suse.com/1209549", }, { category: "external", summary: "SUSE Bug 1211110 for CVE-2023-28772", url: "https://bugzilla.suse.com/1211110", }, { category: "external", summary: "SUSE Bug 1214378 for CVE-2023-28772", url: "https://bugzilla.suse.com/1214378", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "important", }, ], title: "CVE-2023-28772", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-9.0.14+git.62f906cf-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:drbd-kmp-default-9.0.14+git.62f906cf_k4.12.14_95.125-4.26.2.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kernel-default-kgraft-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_125-default-1-6.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-ESPOS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-default-man-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-devel-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-macros-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-source-4.12.14-95.125.1.noarch", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud 9:kernel-syms-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-base-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-default-devel-4.12.14-95.125.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:kernel-devel-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-macros-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-source-4.12.14-95.125.1.noarch", "SUSE OpenStack Cloud Crowbar 9:kernel-syms-4.12.14-95.125.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-06T01:17:55Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2141-1
Vulnerability from csaf_suse
Published
2023-05-09 12:29
Modified
2023-05-09 12:29
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2235: A use-after-free vulnerability in the Performance Events system can be exploited to achieve local privilege escalation (bsc#1210986).
- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
- CVE-2023-23006: Fixed NULL checking against IS_ERR in dr_domain_init_resources (bsc#1208845).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
- CVE-2023-0386: A flaw was found where unauthorized access to the execution of the setuid file with capabilities was found in the OverlayFS subsystem, when a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allowed a local user to escalate their privileges on the system (bsc#1209615).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-2019: A flaw was found in the netdevsim device driver, more specifically within the scheduling of events. This issue results from the improper management of a reference count and may lead to a denial of service (bsc#1210454).
- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
The following non-security bugs were fixed:
- ACPI: CPPC: Disable FIE if registers in PCC regions (bsc#1210953).
- ACPI: VIOT: Initialize the correct IOMMU fwspec (git-fixes).
- ACPI: resource: Add Medion S17413 to IRQ override quirk (git-fixes).
- ALSA: emu10k1: do not create old pass-through playback device on Audigy (git-fixes).
- ALSA: emu10k1: fix capture interrupt handler unlinking (git-fixes).
- ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() (git-fixes).
- ALSA: hda/cirrus: Add extra 10 ms delay to allow PLL settle and lock (git-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2 (git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and speaker support for HP Laptops (git-fixes).
- ALSA: hda/realtek: Remove specific patch for Dell Precision 3260 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
- ALSA: hda/realtek: fix speaker, mute/micmute LEDs not work on a HP platform (git-fixes).
- ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard (git-fixes).
- ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards (git-fixes).
- ALSA: hda: cs35l41: Enable Amp High Pass Filter (git-fixes).
- ALSA: hda: patch_realtek: add quirk for Asus N7601ZM (git-fixes).
- ALSA: i2c/cs8427: fix iec958 mixer control deactivation (git-fixes).
- ARM: 9290/1: uaccess: Fix KASAN false-positives (git-fixes).
- ARM: dts: exynos: fix WM8960 clock name in Itop Elite (git-fixes).
- ARM: dts: gta04: fix excess dma channel usage (git-fixes).
- ARM: dts: qcom: ipq4019: Fix the PCI I/O port range (git-fixes).
- ARM: dts: rockchip: fix a typo error for rk3288 spdif node (git-fixes).
- ARM: dts: s5pv210: correct MIPI CSIS clock name (git-fixes).
- ASN.1: Fix check for strdup() success (git-fixes).
- ASoC: cs35l41: Only disable internal boost (git-fixes).
- ASoC: es8316: Handle optional IRQ assignment (git-fixes).
- ASoC: fsl_asrc_dma: fix potential null-ptr-deref (git-fixes).
- ASoC: fsl_mqs: move of_node_put() to the correct location (git-fixes).
- Add 42a11bf5c543 cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly
- Add eee878537941 cgroup/cpuset: Add cpuset_can_fork() and cpuset_cancel_fork() methods
- Bluetooth: Fix race condition in hidp_session_thread (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (git-fixes).
- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
- IB/mlx5: Add support for 400G_8X lane speed (git-fixes)
- Input: hp_sdc_rtc - mark an unused function as __maybe_unused (git-fixes).
- Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe (git-fixes).
- KEYS: Add missing function documentation (git-fixes).
- KEYS: Create static version of public_key_verify_signature (git-fixes).
- NFS: Cleanup unused rpc_clnt variable (git-fixes).
- NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL (git-fixes).
- NFSD: callback request does not use correct credential for AUTH_SYS (git-fixes).
- PCI/EDR: Clear Device Status after EDR error recovery (git-fixes).
- PCI: dwc: Fix PORT_LINK_CONTROL update when CDM check enabled (git-fixes).
- PCI: imx6: Install the fault handler only on compatible match (git-fixes).
- PCI: loongson: Add more devices that need MRRS quirk (git-fixes).
- PCI: loongson: Prevent LS7A MRRS increases (git-fixes).
- PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).
- PCI: qcom: Fix the incorrect register usage in v2.7.0 config (git-fixes).
- RDMA/cma: Allow UD qp_type to join multicast only (git-fixes)
- RDMA/core: Fix GID entry ref leak when create_ah fails (git-fixes)
- RDMA/irdma: Add ipv4 check to irdma_find_listener() (git-fixes)
- RDMA/irdma: Fix memory leak of PBLE objects (git-fixes)
- RDMA/irdma: Increase iWARP CM default rexmit count (git-fixes)
- Remove obsolete KMP obsoletes (bsc#1210469).
- Revert 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' (git-fixes).
- Revert 'pinctrl: amd: Disable and mask interrupts on resume' (git-fixes).
- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).
- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).
- USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).
- USB: serial: option: add Quectel RM500U-CN modem (git-fixes).
- USB: serial: option: add Telit FE990 compositions (git-fixes).
- USB: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).
- amdgpu: disable powerpc support for the newer display engine (bsc#1194869).
- arm64: dts: imx8mm-evk: correct pmic clock source (git-fixes).
- arm64: dts: meson-g12-common: specify full DMC range (git-fixes).
- arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node (git-fixes).
- arm64: dts: qcom: ipq8074: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator (git-fixes).
- arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994 regulator (git-fixes).
- arm64: dts: qcom: msm8996: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name (git-fixes).
- arm64: dts: qcom: msm8998: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply (git-fixes).
- arm64: dts: qcom: sdm845: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: sm8250: Fix the PCI I/O port range (git-fixes).
- arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table (git-fixes).
- arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table (git-fixes).
- arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property (git-fixes).
- bluetooth: Perform careful capability checks in hci_sock_ioctl() (git-fixes).
- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).
- cifs: fix negotiate context parsing (bsc#1210301).
- clk: add missing of_node_put() in 'assigned-clocks' property parsing (git-fixes).
- clk: at91: clk-sam9x60-pll: fix return value check (git-fixes).
- clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent (git-fixes).
- clk: sprd: set max_register according to mapping range (git-fixes).
- clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails (git-fixes).
- cpufreq: CPPC: Fix build error without CONFIG_ACPI_CPPC_CPUFREQ_FIE (bsc#1210953).
- cpufreq: CPPC: Fix performance/frequency conversion (git-fixes).
- cpumask: fix incorrect cpumask scanning result checks (bsc#1210943).
- crypto: caam - Clear some memory in instantiate_rng (git-fixes).
- crypto: drbg - Only fail when jent is unavailable in FIPS mode (git-fixes).
- crypto: sa2ul - Select CRYPTO_DES (git-fixes).
- crypto: safexcel - Cleanup ring IRQ workqueues on load failure (git-fixes).
- driver core: Do not require dynamic_debug for initcall_debug probe timing (git-fixes).
- drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() (git-fixes).
- drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler() (git-fixes).
- drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known override-init warnings (git-fixes).
- drm/amd/display: Fix potential null dereference (git-fixes).
- drm/amdgpu: Re-enable DCN for 64-bit powerpc (bsc#1194869).
- drm/armada: Fix a potential double free in an error handling path (git-fixes).
- drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535 (git-fixes).
- drm/bridge: lt8912b: Fix DSI Video Mode (git-fixes).
- drm/bridge: lt9611: Fix PLL being unable to lock (git-fixes).
- drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var (git-fixes).
- drm/i915/dsi: fix DSS CTL register offsets for TGL+ (git-fixes).
- drm/i915: Fix fast wake AUX sync len (git-fixes).
- drm/i915: Make intel_get_crtc_new_encoder() less oopsy (git-fixes).
- drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (git-fixes).
- drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe() (git-fixes).
- drm/msm/adreno: drop bogus pm_runtime_set_active() (git-fixes).
- drm/msm/disp/dpu: check for crtc enable rather than crtc active to release shared resources (git-fixes).
- drm/msm: fix NULL-deref on snapshot tear down (git-fixes).
- drm/nouveau/disp: Support more modes by checking with lower bpc (git-fixes).
- drm/panel: otm8009a: Set backlight parent to panel device (git-fixes).
- drm/probe-helper: Cancel previous job before starting new one (git-fixes).
- drm/rockchip: Drop unbalanced obj unref (git-fixes).
- drm/vgem: add missing mutex_destroy (git-fixes).
- drm: msm: adreno: Disable preemption on Adreno 510 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F (git-fixes).
- drm: rcar-du: Fix a NULL vs IS_ERR() bug (git-fixes).
- dt-bindings: arm: fsl: Fix copy-paste error in comment (git-fixes).
- dt-bindings: iio: ti,tmp117: fix documentation link (git-fixes).
- dt-bindings: mailbox: qcom,apcs-kpss-global: fix SDX55 'if' match (git-fixes).
- dt-bindings: nvmem: qcom,spmi-sdam: fix example 'reg' property (git-fixes).
- dt-bindings: remoteproc: stm32-rproc: Typo fix (git-fixes).
- dt-bindings: soc: qcom: smd-rpm: re-add missing qcom,rpm-msm8994 (git-fixes).
- e1000e: Disable TSO on i219-LM card to increase speed (git-fixes).
- efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L (git-fixes).
- ext4: Fix deadlock during directory rename (bsc#1210763).
- ext4: Fix possible corruption when moving a directory (bsc#1210763).
- ext4: fix RENAME_WHITEOUT handling for inline directories (bsc#1210766).
- ext4: fix another off-by-one fsmap error on 1k block filesystems (bsc#1210767).
- ext4: fix bad checksum after online resize (bsc#1210762 bsc#1208076).
- ext4: fix cgroup writeback accounting with fs-layer encryption (bsc#1210765).
- ext4: fix corruption when online resizing a 1K bigalloc fs (bsc#1206891).
- ext4: fix incorrect options show of original mount_opt and extend mount_opt2 (bsc#1210764).
- ext4: fix possible double unlock when moving a directory (bsc#1210763).
- ext4: use ext4_journal_start/stop for fast commit transactions (bsc#1210793).
- fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace (git-fixes).
- firmware: qcom_scm: Clear download bit during reboot (git-fixes).
- firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe (git-fixes).
- fpga: bridge: fix kernel-doc parameter description (git-fixes).
- hwmon: (adt7475) Use device_property APIs when configuring polarity (git-fixes).
- hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write (git-fixes).
- hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E (git-fixes).
- i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path (git-fixes).
- i2c: hisi: Avoid redundant interrupts (git-fixes).
- i2c: imx-lpi2c: clean rx/tx buffers upon new message (git-fixes).
- i2c: ocores: generate stop condition after timeout in polling mode (git-fixes).
- i915/perf: Replace DRM_DEBUG with driver specific drm_dbg call (git-fixes).
- ice: avoid bonding causing auxiliary plug/unplug under RTNL lock (bsc#1210158).
- iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() (git-fixes).
- iio: light: tsl2772: fix reading proximity-diodes from device tree (git-fixes).
- ipmi: fix SSIF not responding under certain cond (git-fixes).
- ipmi:ssif: Add send_retries increment (git-fixes).
- k-m-s: Drop Linux 2.6 support
- kABI: PCI: loongson: Prevent LS7A MRRS increases (kabi).
- kABI: x86/msi: Fix msi message data shadow struct (kabi).
- kabi/severities: ignore KABI for NVMe target (bsc#1174777).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- locking/rwbase: Mitigate indefinite writer starvation.
- media: av7110: prevent underflow in write_ts_to_decoder() (git-fixes).
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (git-fixes).
- media: max9286: Free control handler (git-fixes).
- media: rc: gpio-ir-recv: Fix support for wake-up (git-fixes).
- media: rkvdec: fix use after free bug in rkvdec_remove (git-fixes).
- media: saa7134: fix use after free bug in saa7134_finidev due to race condition (git-fixes).
- media: venus: dec: Fix handling of the start cmd (git-fixes).
- memstick: fix memory leak if card device is never registered (git-fixes).
- mm/filemap: fix page end in filemap_get_read_batch (bsc#1210768).
- mm: page_alloc: skip regions with hugetlbfs pages when allocating 1G pages (bsc#1210034).
- mm: take a page reference when removing device exclusive entries (bsc#1211025).
- mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data (git-fixes).
- mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25 (git-fixes).
- mtd: core: fix error path for nvmem provider (git-fixes).
- mtd: core: fix nvmem error reporting (git-fixes).
- mtd: core: provide unique name for nvmem device, take two (git-fixes).
- mtd: spi-nor: Fix a trivial typo (git-fixes).
- net: phy: nxp-c45-tja11xx: add remove callback (git-fixes).
- net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow (git-fixes).
- nfsd: call op_release, even when op_func returns an error (git-fixes).
- nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() (git-fixes).
- nilfs2: initialize unused bytes in segment summary blocks (git-fixes).
- nvme initialize core quirks before calling nvme_init_subsystem (git-fixes).
- nvme-auth: uninitialized variable in nvme_auth_transform_key() (git-fixes).
- nvme-fcloop: fix 'inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage' (git-fixes).
- nvme-hwmon: consistently ignore errors from nvme_hwmon_init (git-fixes).
- nvme-hwmon: kmalloc the NVME SMART log buffer (git-fixes).
- nvme-multipath: fix possible hang in live ns resize with ANA access (git-fixes).
- nvme-pci: fix doorbell buffer value endianness (git-fixes).
- nvme-pci: fix mempool alloc size (git-fixes).
- nvme-pci: fix page size checks (git-fixes).
- nvme-pci: fix timeout request state check (git-fixes).
- nvme-rdma: fix possible hang caused during ctrl deletion (git-fixes).
- nvme-tcp: fix possible circular locking when deleting a controller under memory pressure (git-fixes).
- nvme-tcp: fix possible hang caused during ctrl deletion (git-fixes).
- nvme-tcp: fix regression that causes sporadic requests to time out (git-fixes).
- nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices (git-fixes).
- nvme: add device name to warning in uuid_show() (git-fixes).
- nvme: catch -ENODEV from nvme_revalidate_zones again (git-fixes).
- nvme: copy firmware_rev on each init (git-fixes).
- nvme: define compat_ioctl again to unbreak 32-bit userspace (git-fixes).
- nvme: fix async event trace event (git-fixes).
- nvme: fix handling single range discard request (git-fixes).
- nvme: fix per-namespace chardev deletion (git-fixes).
- nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition (git-fixes).
- nvme: fix the read-only state for zoned namespaces with unsupposed features (git-fixes).
- nvme: improve the NVME_CONNECT_AUTHREQ* definitions (git-fixes).
- nvme: move nvme_multi_css into nvme.h (git-fixes).
- nvme: return err on nvme_init_non_mdts_limits fail (git-fixes).
- nvme: send Identify with CNS 06h only to I/O controllers (bsc#1209693).
- nvme: set dma alignment to dword (git-fixes).
- nvme: use command_id instead of req->tag in trace_nvme_complete_rq() (git-fixes).
- nvmet-auth: do not try to cancel a non-initialized work_struct (git-fixes).
- nvmet-tcp: fix incomplete data digest send (git-fixes).
- nvmet-tcp: fix regression in data_digest calculation (git-fixes).
- nvmet: add helpers to set the result field for connect commands (git-fixes).
- nvmet: avoid potential UAF in nvmet_req_complete() (git-fixes).
- nvmet: do not defer passthrough commands with trivial effects to the workqueue (git-fixes).
- nvmet: fix I/O Command Set specific Identify Controller (git-fixes).
- nvmet: fix Identify Active Namespace ID list handling (git-fixes).
- nvmet: fix Identify Controller handling (git-fixes).
- nvmet: fix Identify Namespace handling (git-fixes).
- nvmet: fix a memory leak (git-fixes).
- nvmet: fix a memory leak in nvmet_auth_set_key (git-fixes).
- nvmet: fix a use-after-free (git-fixes).
- nvmet: fix invalid memory reference in nvmet_subsys_attr_qid_max_show (git-fixes).
- nvmet: force reconnect when number of queue changes (git-fixes).
- nvmet: looks at the passthrough controller when initializing CAP (git-fixes).
- nvmet: only allocate a single slab for bvecs (git-fixes).
- nvmet: use IOCB_NOWAIT only if the filesystem supports it (git-fixes).
- perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output (git fixes).
- perf/core: Fix the same task check in perf_event_set_output (git fixes).
- perf: Fix check before add_event_to_groups() in perf_group_detach() (git fixes).
- perf: fix perf_event_context->time (git fixes).
- platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2 (git-fixes).
- platform/x86: gigabyte-wmi: add support for X570S AORUS ELITE (git-fixes).
- power: supply: cros_usbpd: reclassify 'default case!' as debug (git-fixes).
- power: supply: generic-adc-battery: fix unit scaling (git-fixes).
- powerpc/64: Always build with 128-bit long double (bsc#1194869).
- powerpc/64e: Fix amdgpu build on Book3E w/o AltiVec (bsc#1194869).
- powerpc/hv-gpci: Fix hv_gpci event list (git fixes).
- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/perf/hv-24x7: add missing RTAS retry status handling (git fixes).
- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc: declare unmodified attribute_group usages const (git-fixes).
- regulator: core: Avoid lockdep reports when resolving supplies (git-fixes).
- regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow() (git-fixes).
- regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since booted (git-fixes).
- regulator: fan53555: Explicitly include bits header (git-fixes).
- regulator: fan53555: Fix wrong TCS_SLEW_MASK (git-fixes).
- regulator: stm32-pwr: fix of_iomap leak (git-fixes).
- remoteproc: Harden rproc_handle_vdev() against integer overflow (git-fixes).
- remoteproc: imx_rproc: Call of_node_put() on iteration error (git-fixes).
- remoteproc: st: Call of_node_put() on iteration error (git-fixes).
- remoteproc: stm32: Call of_node_put() on iteration error (git-fixes).
- rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time (git-fixes).
- rtc: omap: include header for omap_rtc_power_off_program prototype (git-fixes).
- sched/fair: Fix imbalance overflow (bsc#1155798 (CPU scheduler functional and performance backports)).
- sched/fair: Limit sched slice duration (bsc#1189999 (Scheduler functional and performance backports)).
- sched/fair: Move calculate of avg_load to a better location (bsc#1155798).
- sched/fair: Sanitize vruntime of entity being migrated (bsc#1203325).
- sched/fair: sanitize vruntime of entity being placed (bsc#1203325).
- sched/numa: Stop an exhastive search if an idle core is found (bsc#1189999).
- sched_getaffinity: do not assume 'cpumask_size()' is fully initialized (bsc#1155798).
- scsi: aic94xx: Add missing check for dma_map_single() (git-fixes).
- scsi: core: Add BLIST_NO_VPD_SIZE for some VDASD (git-fixes bsc#1203039)
- scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR (git-fixes).
- scsi: core: Fix a procfs host directory removal regression (git-fixes).
- scsi: core: Fix a source code comment (git-fixes).
- scsi: core: Remove the /proc/scsi/${proc_name} directory earlier (git-fixes).
- scsi: hisi_sas: Check devm_add_action() return value (git-fixes).
- scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id (git-fixes).
- scsi: ipr: Work around fortify-string warning (git-fixes).
- scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() (git-fixes).
- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (git-fixes).
- scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (git-fixes).
- scsi: kABI workaround for fc_host_fpin_rcv (git-fixes).
- scsi: libsas: Remove useless dev_list delete in sas_ex_discover_end_dev() (git-fixes).
- scsi: lpfc: Avoid usage of list iterator variable after loop (git-fixes).
- scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() (git-fixes).
- scsi: lpfc: Copyright updates for 14.2.0.11 patches (bsc#1210943).
- scsi: lpfc: Correct used_rpi count when devloss tmo fires with no recovery (bsc#1210943).
- scsi: lpfc: Defer issuing new PLOGI if received RSCN before completing REG_LOGIN (bsc#1210943).
- scsi: lpfc: Drop redundant pci_enable_pcie_error_reporting() (bsc#1210943).
- scsi: lpfc: Fix double word in comments (bsc#1210943).
- scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() (bsc#1210943).
- scsi: lpfc: Fix lockdep warning for rx_monitor lock when unloading driver (bsc#1210943).
- scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow (bsc#1210943).
- scsi: lpfc: Record LOGO state with discovery engine even if aborted (bsc#1210943).
- scsi: lpfc: Reorder freeing of various DMA buffers and their list removal (bsc#1210943).
- scsi: lpfc: Revise lpfc_error_lost_link() reason code evaluation logic (bsc#1210943).
- scsi: lpfc: Silence an incorrect device output (bsc#1210943).
- scsi: lpfc: Skip waiting for register ready bits when in unrecoverable state (bsc#1210943).
- scsi: lpfc: Update lpfc version to 14.2.0.11 (bsc#1210943).
- scsi: megaraid_sas: Fix crash after a double completion (git-fixes).
- scsi: megaraid_sas: Update max supported LD IDs to 240 (git-fixes).
- scsi: mpt3sas: Do not print sense pool info twice (git-fixes).
- scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() (git-fixes).
- scsi: mpt3sas: Fix a memory leak (git-fixes).
- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).
- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).
- scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (git-fixes).
- scsi: scsi_transport_fc: Add an additional flag to fc_host_fpin_rcv() (bsc#1210943).
- scsi: sd: Fix wrong zone_write_granularity value during revalidate (git-fixes).
- scsi: ses: Do not attach if enclosure has no components (git-fixes).
- scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses (git-fixes).
- scsi: ses: Fix possible desc_ptr out-of-bounds accesses (git-fixes).
- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() (git-fixes).
- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() (git-fixes).
- scsi: snic: Fix memory leak with using debugfs_lookup() (git-fixes).
- seccomp: Move copy_seccomp() to no failure path (bsc#1210817).
- selftests/kselftest/runner/run_one(): allow running non-executable files (git-fixes).
- selftests: sigaltstack: fix -Wuninitialized (git-fixes).
- selinux: ensure av_permissions.h is built when needed (git-fixes).
- selinux: fix Makefile dependencies of flask.h (git-fixes).
- serial: 8250: Add missing wakeup event reporting (git-fixes).
- serial: 8250_bcm7271: Fix arbitration handling (git-fixes).
- serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards (git-fixes).
- serial: exar: Add support for Sealevel 7xxxC serial cards (git-fixes).
- signal handling: do not use BUG_ON() for debugging (bsc#1210439).
- signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed (bsc#1210816).
- signal: Do not always set SA_IMMUTABLE for forced signals (bsc#1210816).
- signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE (bsc#1210816).
- soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe (git-fixes).
- spi: cadence-quadspi: fix suspend-resume implementations (git-fixes).
- spi: fsl-spi: Fix CPM/QE mode Litte Endian (git-fixes).
- spi: qup: Do not skip cleanup in remove's error path (git-fixes).
- staging: iio: resolver: ads1210: fix config mode (git-fixes).
- staging: rtl8192e: Fix W_DISABLE# does not work after stop/start (git-fixes).
- stat: fix inconsistency between struct stat and struct compat_stat (git-fixes).
- sunrpc: only free unix grouplist after RCU settles (git-fixes).
- tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH (git-fixes).
- tty: serial: fsl_lpuart: adjust buffer length to the intended size (git-fixes).
- udf: Check consistency of Space Bitmap Descriptor (bsc#1210771).
- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).
- udf: Support splicing to file (bsc#1210770).
- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).
- usb: chipidea: imx: avoid unnecessary probe defer (git-fixes).
- usb: dwc3: gadget: Change condition for processing suspend event (git-fixes).
- usb: dwc3: pci: add support for the Intel Meteor Lake-S (git-fixes).
- usb: gadget: tegra-xudc: Fix crash in vbus_draw (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition (git-fixes).
- usb: host: xhci-rcar: remove leftover quirk handling (git-fixes).
- virt/coco/sev-guest: Add throttling awareness (bsc#1209927).
- virt/coco/sev-guest: Carve out the request issuing logic into a helper (bsc#1209927).
- virt/coco/sev-guest: Check SEV_SNP attribute at probe time (bsc#1209927).
- virt/coco/sev-guest: Convert the sw_exit_info_2 checking to a switch-case (bsc#1209927).
- virt/coco/sev-guest: Do some code style cleanups (bsc#1209927).
- virt/coco/sev-guest: Remove the disable_vmpck label in handle_guest_request() (bsc#1209927).
- virt/coco/sev-guest: Simplify extended guest request handling (bsc#1209927).
- virt/sev-guest: Return -EIO if certificate buffer is not large enough (bsc#1209927).
- virtio_ring: do not update event idx on get_buf (git-fixes).
- vmci_host: fix a race condition in vmci_host_poll() causing GPF (git-fixes).
- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).
- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).
- wifi: ath6kl: minor fix for allocation size (git-fixes).
- wifi: ath6kl: reduce WARN to dev_dbg() in callback (git-fixes).
- wifi: ath9k: hif_usb: fix memory leak of remain_skbs (git-fixes).
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (git-fixes).
- wifi: brcmfmac: support CQM RSSI notification with older firmware (git-fixes).
- wifi: iwlwifi: debug: fix crash in __iwl_err() (git-fixes).
- wifi: iwlwifi: fix duplicate entry in iwl_dev_info_table (git-fixes).
- wifi: iwlwifi: fw: fix memory leak in debugfs (git-fixes).
- wifi: iwlwifi: fw: move memset before early return (git-fixes).
- wifi: iwlwifi: make the loop for card preparation effective (git-fixes).
- wifi: iwlwifi: mvm: check firmware response size (git-fixes).
- wifi: iwlwifi: mvm: do not set CHECKSUM_COMPLETE for unsupported protocols (git-fixes).
- wifi: iwlwifi: mvm: fix mvmtxq->stopped handling (git-fixes).
- wifi: iwlwifi: mvm: initialize seq variable (git-fixes).
- wifi: iwlwifi: trans: do not trigger d3 interrupt twice (git-fixes).
- wifi: iwlwifi: yoyo: Fix possible division by zero (git-fixes).
- wifi: iwlwifi: yoyo: skip dump correctly on hw error (git-fixes).
- wifi: mac80211: adjust scan cancel comment/check (git-fixes).
- wifi: mt76: add missing locking to protect against concurrent rx/status calls (git-fixes).
- wifi: mt76: fix 6GHz high channel not be scanned (git-fixes).
- wifi: mt76: handle failure of vzalloc in mt7615_coredump_work (git-fixes).
- wifi: mwifiex: mark OF related data as maybe unused (git-fixes).
- wifi: rt2x00: Fix memory leak when handling surveys (git-fixes).
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg() (git-fixes).
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg() (git-fixes).
- wifi: rtw88: mac: Return the original error from rtw_mac_power_switch() (git-fixes).
- wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser() (git-fixes).
- wifi: rtw89: fix potential race condition between napi_init and napi_enable (git-fixes).
- writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs (bsc#1210769).
- x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails (git-fixes).
- x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot (git-fixes).
- x86/bug: Prevent shadowing in __WARN_FLAGS (git-fixes).
- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).
- x86/entry: Avoid very early RET (git-fixes).
- x86/entry: Do not call error_entry() for XENPV (git-fixes).
- x86/entry: Move CLD to the start of the idtentry macro (git-fixes).
- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (git-fixes).
- x86/entry: Switch the stack after error_entry() returns (git-fixes).
- x86/fpu: Prevent FPU state corruption (git-fixes).
- x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume (git-fixes).
- x86/msi: Fix msi message data shadow struct (git-fixes).
- x86/pci/xen: Disable PCI/MSI masking for XEN_HVM guests (git-fixes).
- x86/traps: Use pt_regs directly in fixup_bad_iret() (git-fixes).
- x86/tsx: Disable TSX development mode at boot (git-fixes).
- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).
- xhci: fix debugfs register accesses while suspended (git-fixes).
Patchnames
SUSE-2023-2141,SUSE-SLE-Module-Public-Cloud-15-SP4-2023-2141,openSUSE-SLE-15.4-2023-2141
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2235: A use-after-free vulnerability in the Performance Events system can be exploited to achieve local privilege escalation (bsc#1210986).\n- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).\n- CVE-2023-23006: Fixed NULL checking against IS_ERR in dr_domain_init_resources (bsc#1208845).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).\n- CVE-2023-0386: A flaw was found where unauthorized access to the execution of the setuid file with capabilities was found in the OverlayFS subsystem, when a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allowed a local user to escalate their privileges on the system (bsc#1209615).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-2019: A flaw was found in the netdevsim device driver, more specifically within the scheduling of events. This issue results from the improper management of a reference count and may lead to a denial of service (bsc#1210454).\n- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Disable FIE if registers in PCC regions (bsc#1210953).\n- ACPI: VIOT: Initialize the correct IOMMU fwspec (git-fixes).\n- ACPI: resource: Add Medion S17413 to IRQ override quirk (git-fixes).\n- ALSA: emu10k1: do not create old pass-through playback device on Audigy (git-fixes).\n- ALSA: emu10k1: fix capture interrupt handler unlinking (git-fixes).\n- ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() (git-fixes).\n- ALSA: hda/cirrus: Add extra 10 ms delay to allow PLL settle and lock (git-fixes).\n- ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2 (git-fixes).\n- ALSA: hda/realtek: Enable mute/micmute LEDs and speaker support for HP Laptops (git-fixes).\n- ALSA: hda/realtek: Remove specific patch for Dell Precision 3260 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).\n- ALSA: hda/realtek: fix speaker, mute/micmute LEDs not work on a HP platform (git-fixes).\n- ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard (git-fixes).\n- ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards (git-fixes).\n- ALSA: hda: cs35l41: Enable Amp High Pass Filter (git-fixes).\n- ALSA: hda: patch_realtek: add quirk for Asus N7601ZM (git-fixes).\n- ALSA: i2c/cs8427: fix iec958 mixer control deactivation (git-fixes).\n- ARM: 9290/1: uaccess: Fix KASAN false-positives (git-fixes).\n- ARM: dts: exynos: fix WM8960 clock name in Itop Elite (git-fixes).\n- ARM: dts: gta04: fix excess dma channel usage (git-fixes).\n- ARM: dts: qcom: ipq4019: Fix the PCI I/O port range (git-fixes).\n- ARM: dts: rockchip: fix a typo error for rk3288 spdif node (git-fixes).\n- ARM: dts: s5pv210: correct MIPI CSIS clock name (git-fixes).\n- ASN.1: Fix check for strdup() success (git-fixes).\n- ASoC: cs35l41: Only disable internal boost (git-fixes).\n- ASoC: es8316: Handle optional IRQ assignment (git-fixes).\n- ASoC: fsl_asrc_dma: fix potential null-ptr-deref (git-fixes).\n- ASoC: fsl_mqs: move of_node_put() to the correct location (git-fixes).\n- Add 42a11bf5c543 cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly\n- Add eee878537941 cgroup/cpuset: Add cpuset_can_fork() and cpuset_cancel_fork() methods\n- Bluetooth: Fix race condition in hidp_session_thread (git-fixes).\n- Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (git-fixes).\n- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).\n- IB/mlx5: Add support for 400G_8X lane speed (git-fixes)\n- Input: hp_sdc_rtc - mark an unused function as __maybe_unused (git-fixes).\n- Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe (git-fixes).\n- KEYS: Add missing function documentation (git-fixes).\n- KEYS: Create static version of public_key_verify_signature (git-fixes).\n- NFS: Cleanup unused rpc_clnt variable (git-fixes).\n- NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL (git-fixes).\n- NFSD: callback request does not use correct credential for AUTH_SYS (git-fixes).\n- PCI/EDR: Clear Device Status after EDR error recovery (git-fixes).\n- PCI: dwc: Fix PORT_LINK_CONTROL update when CDM check enabled (git-fixes).\n- PCI: imx6: Install the fault handler only on compatible match (git-fixes).\n- PCI: loongson: Add more devices that need MRRS quirk (git-fixes).\n- PCI: loongson: Prevent LS7A MRRS increases (git-fixes).\n- PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).\n- PCI: qcom: Fix the incorrect register usage in v2.7.0 config (git-fixes).\n- RDMA/cma: Allow UD qp_type to join multicast only (git-fixes)\n- RDMA/core: Fix GID entry ref leak when create_ah fails (git-fixes)\n- RDMA/irdma: Add ipv4 check to irdma_find_listener() (git-fixes)\n- RDMA/irdma: Fix memory leak of PBLE objects (git-fixes)\n- RDMA/irdma: Increase iWARP CM default rexmit count (git-fixes)\n- Remove obsolete KMP obsoletes (bsc#1210469).\n- Revert 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' (git-fixes).\n- Revert 'pinctrl: amd: Disable and mask interrupts on resume' (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).\n- USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).\n- USB: serial: option: add Quectel RM500U-CN modem (git-fixes).\n- USB: serial: option: add Telit FE990 compositions (git-fixes).\n- USB: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).\n- amdgpu: disable powerpc support for the newer display engine (bsc#1194869).\n- arm64: dts: imx8mm-evk: correct pmic clock source (git-fixes).\n- arm64: dts: meson-g12-common: specify full DMC range (git-fixes).\n- arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node (git-fixes).\n- arm64: dts: qcom: ipq8074: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator (git-fixes).\n- arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994 regulator (git-fixes).\n- arm64: dts: qcom: msm8996: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name (git-fixes).\n- arm64: dts: qcom: msm8998: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply (git-fixes).\n- arm64: dts: qcom: sdm845: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: sm8250: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table (git-fixes).\n- arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table (git-fixes).\n- arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property (git-fixes).\n- bluetooth: Perform careful capability checks in hci_sock_ioctl() (git-fixes).\n- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- clk: add missing of_node_put() in 'assigned-clocks' property parsing (git-fixes).\n- clk: at91: clk-sam9x60-pll: fix return value check (git-fixes).\n- clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent (git-fixes).\n- clk: sprd: set max_register according to mapping range (git-fixes).\n- clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails (git-fixes).\n- cpufreq: CPPC: Fix build error without CONFIG_ACPI_CPPC_CPUFREQ_FIE (bsc#1210953).\n- cpufreq: CPPC: Fix performance/frequency conversion (git-fixes).\n- cpumask: fix incorrect cpumask scanning result checks (bsc#1210943).\n- crypto: caam - Clear some memory in instantiate_rng (git-fixes).\n- crypto: drbg - Only fail when jent is unavailable in FIPS mode (git-fixes).\n- crypto: sa2ul - Select CRYPTO_DES (git-fixes).\n- crypto: safexcel - Cleanup ring IRQ workqueues on load failure (git-fixes).\n- driver core: Do not require dynamic_debug for initcall_debug probe timing (git-fixes).\n- drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() (git-fixes).\n- drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler() (git-fixes).\n- drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known override-init warnings (git-fixes).\n- drm/amd/display: Fix potential null dereference (git-fixes).\n- drm/amdgpu: Re-enable DCN for 64-bit powerpc (bsc#1194869).\n- drm/armada: Fix a potential double free in an error handling path (git-fixes).\n- drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535 (git-fixes).\n- drm/bridge: lt8912b: Fix DSI Video Mode (git-fixes).\n- drm/bridge: lt9611: Fix PLL being unable to lock (git-fixes).\n- drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var (git-fixes).\n- drm/i915/dsi: fix DSS CTL register offsets for TGL+ (git-fixes).\n- drm/i915: Fix fast wake AUX sync len (git-fixes).\n- drm/i915: Make intel_get_crtc_new_encoder() less oopsy (git-fixes).\n- drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (git-fixes).\n- drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe() (git-fixes).\n- drm/msm/adreno: drop bogus pm_runtime_set_active() (git-fixes).\n- drm/msm/disp/dpu: check for crtc enable rather than crtc active to release shared resources (git-fixes).\n- drm/msm: fix NULL-deref on snapshot tear down (git-fixes).\n- drm/nouveau/disp: Support more modes by checking with lower bpc (git-fixes).\n- drm/panel: otm8009a: Set backlight parent to panel device (git-fixes).\n- drm/probe-helper: Cancel previous job before starting new one (git-fixes).\n- drm/rockchip: Drop unbalanced obj unref (git-fixes).\n- drm/vgem: add missing mutex_destroy (git-fixes).\n- drm: msm: adreno: Disable preemption on Adreno 510 (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F (git-fixes).\n- drm: rcar-du: Fix a NULL vs IS_ERR() bug (git-fixes).\n- dt-bindings: arm: fsl: Fix copy-paste error in comment (git-fixes).\n- dt-bindings: iio: ti,tmp117: fix documentation link (git-fixes).\n- dt-bindings: mailbox: qcom,apcs-kpss-global: fix SDX55 'if' match (git-fixes).\n- dt-bindings: nvmem: qcom,spmi-sdam: fix example 'reg' property (git-fixes).\n- dt-bindings: remoteproc: stm32-rproc: Typo fix (git-fixes).\n- dt-bindings: soc: qcom: smd-rpm: re-add missing qcom,rpm-msm8994 (git-fixes).\n- e1000e: Disable TSO on i219-LM card to increase speed (git-fixes).\n- efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L (git-fixes).\n- ext4: Fix deadlock during directory rename (bsc#1210763).\n- ext4: Fix possible corruption when moving a directory (bsc#1210763).\n- ext4: fix RENAME_WHITEOUT handling for inline directories (bsc#1210766).\n- ext4: fix another off-by-one fsmap error on 1k block filesystems (bsc#1210767).\n- ext4: fix bad checksum after online resize (bsc#1210762 bsc#1208076).\n- ext4: fix cgroup writeback accounting with fs-layer encryption (bsc#1210765).\n- ext4: fix corruption when online resizing a 1K bigalloc fs (bsc#1206891).\n- ext4: fix incorrect options show of original mount_opt and extend mount_opt2 (bsc#1210764).\n- ext4: fix possible double unlock when moving a directory (bsc#1210763).\n- ext4: use ext4_journal_start/stop for fast commit transactions (bsc#1210793).\n- fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace (git-fixes).\n- firmware: qcom_scm: Clear download bit during reboot (git-fixes).\n- firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe (git-fixes).\n- fpga: bridge: fix kernel-doc parameter description (git-fixes).\n- hwmon: (adt7475) Use device_property APIs when configuring polarity (git-fixes).\n- hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write (git-fixes).\n- hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E (git-fixes).\n- i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path (git-fixes).\n- i2c: hisi: Avoid redundant interrupts (git-fixes).\n- i2c: imx-lpi2c: clean rx/tx buffers upon new message (git-fixes).\n- i2c: ocores: generate stop condition after timeout in polling mode (git-fixes).\n- i915/perf: Replace DRM_DEBUG with driver specific drm_dbg call (git-fixes).\n- ice: avoid bonding causing auxiliary plug/unplug under RTNL lock (bsc#1210158).\n- iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() (git-fixes).\n- iio: light: tsl2772: fix reading proximity-diodes from device tree (git-fixes).\n- ipmi: fix SSIF not responding under certain cond (git-fixes).\n- ipmi:ssif: Add send_retries increment (git-fixes).\n- k-m-s: Drop Linux 2.6 support\n- kABI: PCI: loongson: Prevent LS7A MRRS increases (kabi).\n- kABI: x86/msi: Fix msi message data shadow struct (kabi).\n- kabi/severities: ignore KABI for NVMe target (bsc#1174777).\n- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).\n- locking/rwbase: Mitigate indefinite writer starvation.\n- media: av7110: prevent underflow in write_ts_to_decoder() (git-fixes).\n- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (git-fixes).\n- media: max9286: Free control handler (git-fixes).\n- media: rc: gpio-ir-recv: Fix support for wake-up (git-fixes).\n- media: rkvdec: fix use after free bug in rkvdec_remove (git-fixes).\n- media: saa7134: fix use after free bug in saa7134_finidev due to race condition (git-fixes).\n- media: venus: dec: Fix handling of the start cmd (git-fixes).\n- memstick: fix memory leak if card device is never registered (git-fixes).\n- mm/filemap: fix page end in filemap_get_read_batch (bsc#1210768).\n- mm: page_alloc: skip regions with hugetlbfs pages when allocating 1G pages (bsc#1210034).\n- mm: take a page reference when removing device exclusive entries (bsc#1211025).\n- mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data (git-fixes).\n- mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25 (git-fixes).\n- mtd: core: fix error path for nvmem provider (git-fixes).\n- mtd: core: fix nvmem error reporting (git-fixes).\n- mtd: core: provide unique name for nvmem device, take two (git-fixes).\n- mtd: spi-nor: Fix a trivial typo (git-fixes).\n- net: phy: nxp-c45-tja11xx: add remove callback (git-fixes).\n- net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow (git-fixes).\n- nfsd: call op_release, even when op_func returns an error (git-fixes).\n- nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() (git-fixes).\n- nilfs2: initialize unused bytes in segment summary blocks (git-fixes).\n- nvme initialize core quirks before calling nvme_init_subsystem (git-fixes).\n- nvme-auth: uninitialized variable in nvme_auth_transform_key() (git-fixes).\n- nvme-fcloop: fix 'inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage' (git-fixes).\n- nvme-hwmon: consistently ignore errors from nvme_hwmon_init (git-fixes).\n- nvme-hwmon: kmalloc the NVME SMART log buffer (git-fixes).\n- nvme-multipath: fix possible hang in live ns resize with ANA access (git-fixes).\n- nvme-pci: fix doorbell buffer value endianness (git-fixes).\n- nvme-pci: fix mempool alloc size (git-fixes).\n- nvme-pci: fix page size checks (git-fixes).\n- nvme-pci: fix timeout request state check (git-fixes).\n- nvme-rdma: fix possible hang caused during ctrl deletion (git-fixes).\n- nvme-tcp: fix possible circular locking when deleting a controller under memory pressure (git-fixes).\n- nvme-tcp: fix possible hang caused during ctrl deletion (git-fixes).\n- nvme-tcp: fix regression that causes sporadic requests to time out (git-fixes).\n- nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices (git-fixes).\n- nvme: add device name to warning in uuid_show() (git-fixes).\n- nvme: catch -ENODEV from nvme_revalidate_zones again (git-fixes).\n- nvme: copy firmware_rev on each init (git-fixes).\n- nvme: define compat_ioctl again to unbreak 32-bit userspace (git-fixes).\n- nvme: fix async event trace event (git-fixes).\n- nvme: fix handling single range discard request (git-fixes).\n- nvme: fix per-namespace chardev deletion (git-fixes).\n- nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition (git-fixes).\n- nvme: fix the read-only state for zoned namespaces with unsupposed features (git-fixes).\n- nvme: improve the NVME_CONNECT_AUTHREQ* definitions (git-fixes).\n- nvme: move nvme_multi_css into nvme.h (git-fixes).\n- nvme: return err on nvme_init_non_mdts_limits fail (git-fixes).\n- nvme: send Identify with CNS 06h only to I/O controllers (bsc#1209693).\n- nvme: set dma alignment to dword (git-fixes).\n- nvme: use command_id instead of req->tag in trace_nvme_complete_rq() (git-fixes).\n- nvmet-auth: do not try to cancel a non-initialized work_struct (git-fixes).\n- nvmet-tcp: fix incomplete data digest send (git-fixes).\n- nvmet-tcp: fix regression in data_digest calculation (git-fixes).\n- nvmet: add helpers to set the result field for connect commands (git-fixes).\n- nvmet: avoid potential UAF in nvmet_req_complete() (git-fixes).\n- nvmet: do not defer passthrough commands with trivial effects to the workqueue (git-fixes).\n- nvmet: fix I/O Command Set specific Identify Controller (git-fixes).\n- nvmet: fix Identify Active Namespace ID list handling (git-fixes).\n- nvmet: fix Identify Controller handling (git-fixes).\n- nvmet: fix Identify Namespace handling (git-fixes).\n- nvmet: fix a memory leak (git-fixes).\n- nvmet: fix a memory leak in nvmet_auth_set_key (git-fixes).\n- nvmet: fix a use-after-free (git-fixes).\n- nvmet: fix invalid memory reference in nvmet_subsys_attr_qid_max_show (git-fixes).\n- nvmet: force reconnect when number of queue changes (git-fixes).\n- nvmet: looks at the passthrough controller when initializing CAP (git-fixes).\n- nvmet: only allocate a single slab for bvecs (git-fixes).\n- nvmet: use IOCB_NOWAIT only if the filesystem supports it (git-fixes).\n- perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output (git fixes).\n- perf/core: Fix the same task check in perf_event_set_output (git fixes).\n- perf: Fix check before add_event_to_groups() in perf_group_detach() (git fixes).\n- perf: fix perf_event_context->time (git fixes).\n- platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2 (git-fixes).\n- platform/x86: gigabyte-wmi: add support for X570S AORUS ELITE (git-fixes).\n- power: supply: cros_usbpd: reclassify 'default case!' as debug (git-fixes).\n- power: supply: generic-adc-battery: fix unit scaling (git-fixes).\n- powerpc/64: Always build with 128-bit long double (bsc#1194869).\n- powerpc/64e: Fix amdgpu build on Book3E w/o AltiVec (bsc#1194869).\n- powerpc/hv-gpci: Fix hv_gpci event list (git fixes).\n- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/perf/hv-24x7: add missing RTAS retry status handling (git fixes).\n- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc: declare unmodified attribute_group usages const (git-fixes).\n- regulator: core: Avoid lockdep reports when resolving supplies (git-fixes).\n- regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow() (git-fixes).\n- regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since booted (git-fixes).\n- regulator: fan53555: Explicitly include bits header (git-fixes).\n- regulator: fan53555: Fix wrong TCS_SLEW_MASK (git-fixes).\n- regulator: stm32-pwr: fix of_iomap leak (git-fixes).\n- remoteproc: Harden rproc_handle_vdev() against integer overflow (git-fixes).\n- remoteproc: imx_rproc: Call of_node_put() on iteration error (git-fixes).\n- remoteproc: st: Call of_node_put() on iteration error (git-fixes).\n- remoteproc: stm32: Call of_node_put() on iteration error (git-fixes).\n- rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time (git-fixes).\n- rtc: omap: include header for omap_rtc_power_off_program prototype (git-fixes).\n- sched/fair: Fix imbalance overflow (bsc#1155798 (CPU scheduler functional and performance backports)).\n- sched/fair: Limit sched slice duration (bsc#1189999 (Scheduler functional and performance backports)).\n- sched/fair: Move calculate of avg_load to a better location (bsc#1155798).\n- sched/fair: Sanitize vruntime of entity being migrated (bsc#1203325).\n- sched/fair: sanitize vruntime of entity being placed (bsc#1203325).\n- sched/numa: Stop an exhastive search if an idle core is found (bsc#1189999).\n- sched_getaffinity: do not assume 'cpumask_size()' is fully initialized (bsc#1155798).\n- scsi: aic94xx: Add missing check for dma_map_single() (git-fixes).\n- scsi: core: Add BLIST_NO_VPD_SIZE for some VDASD (git-fixes bsc#1203039)\n- scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR (git-fixes).\n- scsi: core: Fix a procfs host directory removal regression (git-fixes).\n- scsi: core: Fix a source code comment (git-fixes).\n- scsi: core: Remove the /proc/scsi/${proc_name} directory earlier (git-fixes).\n- scsi: hisi_sas: Check devm_add_action() return value (git-fixes).\n- scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id (git-fixes).\n- scsi: ipr: Work around fortify-string warning (git-fixes).\n- scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() (git-fixes).\n- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (git-fixes).\n- scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (git-fixes).\n- scsi: kABI workaround for fc_host_fpin_rcv (git-fixes).\n- scsi: libsas: Remove useless dev_list delete in sas_ex_discover_end_dev() (git-fixes).\n- scsi: lpfc: Avoid usage of list iterator variable after loop (git-fixes).\n- scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() (git-fixes).\n- scsi: lpfc: Copyright updates for 14.2.0.11 patches (bsc#1210943).\n- scsi: lpfc: Correct used_rpi count when devloss tmo fires with no recovery (bsc#1210943).\n- scsi: lpfc: Defer issuing new PLOGI if received RSCN before completing REG_LOGIN (bsc#1210943).\n- scsi: lpfc: Drop redundant pci_enable_pcie_error_reporting() (bsc#1210943).\n- scsi: lpfc: Fix double word in comments (bsc#1210943).\n- scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() (bsc#1210943).\n- scsi: lpfc: Fix lockdep warning for rx_monitor lock when unloading driver (bsc#1210943).\n- scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow (bsc#1210943).\n- scsi: lpfc: Record LOGO state with discovery engine even if aborted (bsc#1210943).\n- scsi: lpfc: Reorder freeing of various DMA buffers and their list removal (bsc#1210943).\n- scsi: lpfc: Revise lpfc_error_lost_link() reason code evaluation logic (bsc#1210943).\n- scsi: lpfc: Silence an incorrect device output (bsc#1210943).\n- scsi: lpfc: Skip waiting for register ready bits when in unrecoverable state (bsc#1210943).\n- scsi: lpfc: Update lpfc version to 14.2.0.11 (bsc#1210943).\n- scsi: megaraid_sas: Fix crash after a double completion (git-fixes).\n- scsi: megaraid_sas: Update max supported LD IDs to 240 (git-fixes).\n- scsi: mpt3sas: Do not print sense pool info twice (git-fixes).\n- scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() (git-fixes).\n- scsi: mpt3sas: Fix a memory leak (git-fixes).\n- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).\n- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).\n- scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (git-fixes).\n- scsi: scsi_transport_fc: Add an additional flag to fc_host_fpin_rcv() (bsc#1210943).\n- scsi: sd: Fix wrong zone_write_granularity value during revalidate (git-fixes).\n- scsi: ses: Do not attach if enclosure has no components (git-fixes).\n- scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses (git-fixes).\n- scsi: ses: Fix possible desc_ptr out-of-bounds accesses (git-fixes).\n- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() (git-fixes).\n- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() (git-fixes).\n- scsi: snic: Fix memory leak with using debugfs_lookup() (git-fixes).\n- seccomp: Move copy_seccomp() to no failure path (bsc#1210817).\n- selftests/kselftest/runner/run_one(): allow running non-executable files (git-fixes).\n- selftests: sigaltstack: fix -Wuninitialized (git-fixes).\n- selinux: ensure av_permissions.h is built when needed (git-fixes).\n- selinux: fix Makefile dependencies of flask.h (git-fixes).\n- serial: 8250: Add missing wakeup event reporting (git-fixes).\n- serial: 8250_bcm7271: Fix arbitration handling (git-fixes).\n- serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards (git-fixes).\n- serial: exar: Add support for Sealevel 7xxxC serial cards (git-fixes).\n- signal handling: do not use BUG_ON() for debugging (bsc#1210439).\n- signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed (bsc#1210816).\n- signal: Do not always set SA_IMMUTABLE for forced signals (bsc#1210816).\n- signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE (bsc#1210816).\n- soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe (git-fixes).\n- spi: cadence-quadspi: fix suspend-resume implementations (git-fixes).\n- spi: fsl-spi: Fix CPM/QE mode Litte Endian (git-fixes).\n- spi: qup: Do not skip cleanup in remove's error path (git-fixes).\n- staging: iio: resolver: ads1210: fix config mode (git-fixes).\n- staging: rtl8192e: Fix W_DISABLE# does not work after stop/start (git-fixes).\n- stat: fix inconsistency between struct stat and struct compat_stat (git-fixes).\n- sunrpc: only free unix grouplist after RCU settles (git-fixes).\n- tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH (git-fixes).\n- tty: serial: fsl_lpuart: adjust buffer length to the intended size (git-fixes).\n- udf: Check consistency of Space Bitmap Descriptor (bsc#1210771).\n- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).\n- udf: Support splicing to file (bsc#1210770).\n- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).\n- usb: chipidea: imx: avoid unnecessary probe defer (git-fixes).\n- usb: dwc3: gadget: Change condition for processing suspend event (git-fixes).\n- usb: dwc3: pci: add support for the Intel Meteor Lake-S (git-fixes).\n- usb: gadget: tegra-xudc: Fix crash in vbus_draw (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition (git-fixes).\n- usb: host: xhci-rcar: remove leftover quirk handling (git-fixes).\n- virt/coco/sev-guest: Add throttling awareness (bsc#1209927).\n- virt/coco/sev-guest: Carve out the request issuing logic into a helper (bsc#1209927).\n- virt/coco/sev-guest: Check SEV_SNP attribute at probe time (bsc#1209927).\n- virt/coco/sev-guest: Convert the sw_exit_info_2 checking to a switch-case (bsc#1209927).\n- virt/coco/sev-guest: Do some code style cleanups (bsc#1209927).\n- virt/coco/sev-guest: Remove the disable_vmpck label in handle_guest_request() (bsc#1209927).\n- virt/coco/sev-guest: Simplify extended guest request handling (bsc#1209927).\n- virt/sev-guest: Return -EIO if certificate buffer is not large enough (bsc#1209927).\n- virtio_ring: do not update event idx on get_buf (git-fixes).\n- vmci_host: fix a race condition in vmci_host_poll() causing GPF (git-fixes).\n- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).\n- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).\n- wifi: ath6kl: minor fix for allocation size (git-fixes).\n- wifi: ath6kl: reduce WARN to dev_dbg() in callback (git-fixes).\n- wifi: ath9k: hif_usb: fix memory leak of remain_skbs (git-fixes).\n- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (git-fixes).\n- wifi: brcmfmac: support CQM RSSI notification with older firmware (git-fixes).\n- wifi: iwlwifi: debug: fix crash in __iwl_err() (git-fixes).\n- wifi: iwlwifi: fix duplicate entry in iwl_dev_info_table (git-fixes).\n- wifi: iwlwifi: fw: fix memory leak in debugfs (git-fixes).\n- wifi: iwlwifi: fw: move memset before early return (git-fixes).\n- wifi: iwlwifi: make the loop for card preparation effective (git-fixes).\n- wifi: iwlwifi: mvm: check firmware response size (git-fixes).\n- wifi: iwlwifi: mvm: do not set CHECKSUM_COMPLETE for unsupported protocols (git-fixes).\n- wifi: iwlwifi: mvm: fix mvmtxq->stopped handling (git-fixes).\n- wifi: iwlwifi: mvm: initialize seq variable (git-fixes).\n- wifi: iwlwifi: trans: do not trigger d3 interrupt twice (git-fixes).\n- wifi: iwlwifi: yoyo: Fix possible division by zero (git-fixes).\n- wifi: iwlwifi: yoyo: skip dump correctly on hw error (git-fixes).\n- wifi: mac80211: adjust scan cancel comment/check (git-fixes).\n- wifi: mt76: add missing locking to protect against concurrent rx/status calls (git-fixes).\n- wifi: mt76: fix 6GHz high channel not be scanned (git-fixes).\n- wifi: mt76: handle failure of vzalloc in mt7615_coredump_work (git-fixes).\n- wifi: mwifiex: mark OF related data as maybe unused (git-fixes).\n- wifi: rt2x00: Fix memory leak when handling surveys (git-fixes).\n- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg() (git-fixes).\n- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg() (git-fixes).\n- wifi: rtw88: mac: Return the original error from rtw_mac_power_switch() (git-fixes).\n- wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser() (git-fixes).\n- wifi: rtw89: fix potential race condition between napi_init and napi_enable (git-fixes).\n- writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs (bsc#1210769).\n- x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails (git-fixes).\n- x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot (git-fixes).\n- x86/bug: Prevent shadowing in __WARN_FLAGS (git-fixes).\n- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).\n- x86/entry: Avoid very early RET (git-fixes).\n- x86/entry: Do not call error_entry() for XENPV (git-fixes).\n- x86/entry: Move CLD to the start of the idtentry macro (git-fixes).\n- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (git-fixes).\n- x86/entry: Switch the stack after error_entry() returns (git-fixes).\n- x86/fpu: Prevent FPU state corruption (git-fixes).\n- x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume (git-fixes).\n- x86/msi: Fix msi message data shadow struct (git-fixes).\n- x86/pci/xen: Disable PCI/MSI masking for XEN_HVM guests (git-fixes).\n- x86/traps: Use pt_regs directly in fixup_bad_iret() (git-fixes).\n- x86/tsx: Disable TSX development mode at boot (git-fixes).\n- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).\n- xhci: fix debugfs register accesses while suspended (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2141,SUSE-SLE-Module-Public-Cloud-15-SP4-2023-2141,openSUSE-SLE-15.4-2023-2141", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2141-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2141-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232141-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2141-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029306.html", }, { category: "self", summary: "SUSE Bug 1142685", url: "https://bugzilla.suse.com/1142685", }, { category: "self", summary: "SUSE Bug 1155798", url: "https://bugzilla.suse.com/1155798", }, { category: "self", summary: "SUSE Bug 1174777", url: "https://bugzilla.suse.com/1174777", }, { category: "self", summary: "SUSE Bug 1189999", url: "https://bugzilla.suse.com/1189999", }, { category: "self", summary: "SUSE Bug 1194869", url: "https://bugzilla.suse.com/1194869", }, { category: "self", summary: "SUSE Bug 1203039", url: "https://bugzilla.suse.com/1203039", }, { category: "self", summary: "SUSE Bug 1203325", url: "https://bugzilla.suse.com/1203325", }, { category: "self", summary: "SUSE Bug 1206649", url: "https://bugzilla.suse.com/1206649", }, { category: "self", summary: "SUSE Bug 1206891", url: "https://bugzilla.suse.com/1206891", }, { category: "self", summary: "SUSE Bug 1206992", url: "https://bugzilla.suse.com/1206992", }, { category: "self", summary: "SUSE Bug 1207088", url: "https://bugzilla.suse.com/1207088", }, { category: "self", summary: "SUSE Bug 1208076", url: "https://bugzilla.suse.com/1208076", }, { category: "self", summary: "SUSE Bug 1208845", url: "https://bugzilla.suse.com/1208845", }, { category: "self", summary: "SUSE Bug 1209615", url: "https://bugzilla.suse.com/1209615", }, { category: "self", summary: "SUSE Bug 1209693", url: "https://bugzilla.suse.com/1209693", }, { category: "self", summary: "SUSE Bug 1209739", url: "https://bugzilla.suse.com/1209739", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1209927", url: "https://bugzilla.suse.com/1209927", }, { category: "self", summary: "SUSE Bug 1209999", url: "https://bugzilla.suse.com/1209999", }, { category: "self", summary: "SUSE Bug 1210034", url: "https://bugzilla.suse.com/1210034", }, { category: "self", summary: "SUSE Bug 1210158", url: "https://bugzilla.suse.com/1210158", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210206", url: "https://bugzilla.suse.com/1210206", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210439", url: "https://bugzilla.suse.com/1210439", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210629", url: "https://bugzilla.suse.com/1210629", }, { category: "self", summary: "SUSE Bug 1210725", url: "https://bugzilla.suse.com/1210725", }, { category: "self", summary: "SUSE Bug 1210762", url: "https://bugzilla.suse.com/1210762", }, { category: "self", summary: "SUSE Bug 1210763", url: "https://bugzilla.suse.com/1210763", }, { category: "self", summary: "SUSE Bug 1210764", url: "https://bugzilla.suse.com/1210764", }, { category: "self", summary: "SUSE Bug 1210765", url: "https://bugzilla.suse.com/1210765", }, { category: "self", summary: "SUSE Bug 1210766", url: "https://bugzilla.suse.com/1210766", }, { category: "self", summary: "SUSE Bug 1210767", url: "https://bugzilla.suse.com/1210767", }, { category: "self", summary: "SUSE Bug 1210768", url: "https://bugzilla.suse.com/1210768", }, { category: "self", summary: "SUSE Bug 1210769", url: "https://bugzilla.suse.com/1210769", }, { category: "self", summary: "SUSE Bug 1210770", url: "https://bugzilla.suse.com/1210770", }, { category: "self", summary: "SUSE Bug 1210771", url: "https://bugzilla.suse.com/1210771", }, { category: "self", summary: "SUSE Bug 1210793", url: "https://bugzilla.suse.com/1210793", }, { category: "self", summary: "SUSE Bug 1210816", url: "https://bugzilla.suse.com/1210816", }, { category: "self", summary: "SUSE Bug 1210817", url: "https://bugzilla.suse.com/1210817", }, { category: "self", summary: "SUSE Bug 1210827", url: "https://bugzilla.suse.com/1210827", }, { category: "self", summary: "SUSE Bug 1210943", url: "https://bugzilla.suse.com/1210943", }, { category: "self", summary: "SUSE Bug 1210953", url: "https://bugzilla.suse.com/1210953", }, { category: "self", summary: "SUSE Bug 1211025", url: "https://bugzilla.suse.com/1211025", }, { category: "self", summary: "SUSE CVE CVE-2022-2196 page", url: "https://www.suse.com/security/cve/CVE-2022-2196/", }, { category: "self", summary: "SUSE CVE CVE-2023-0386 page", url: "https://www.suse.com/security/cve/CVE-2023-0386/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2008 page", url: "https://www.suse.com/security/cve/CVE-2023-2008/", }, { category: "self", summary: "SUSE CVE CVE-2023-2019 page", url: "https://www.suse.com/security/cve/CVE-2023-2019/", }, { category: "self", summary: "SUSE CVE CVE-2023-2176 page", url: "https://www.suse.com/security/cve/CVE-2023-2176/", }, { category: "self", summary: "SUSE CVE CVE-2023-2235 page", url: "https://www.suse.com/security/cve/CVE-2023-2235/", }, { category: "self", summary: "SUSE CVE CVE-2023-23006 page", url: "https://www.suse.com/security/cve/CVE-2023-23006/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-09T12:29:44Z", generator: { date: "2023-05-09T12:29:44Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2141-1", initial_release_date: "2023-05-09T12:29:44Z", revision_history: [ { date: "2023-05-09T12:29:44Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", product: { name: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", product_id: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", product: { name: "dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", product_id: "dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", product: { name: "gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", product_id: "gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-5.14.21-150400.14.49.1.aarch64", product: { name: "kernel-azure-5.14.21-150400.14.49.1.aarch64", product_id: "kernel-azure-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", product: { name: "kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", product_id: "kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", product: { name: "kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", product_id: "kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", product: { name: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", product_id: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", product: { name: "kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", product_id: "kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", product: { name: "kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", product_id: "kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", product: { name: "kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", product_id: "kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", product: { name: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", product_id: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", product: { name: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", product_id: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-azure-5.14.21-150400.14.49.1.noarch", product: { name: "kernel-devel-azure-5.14.21-150400.14.49.1.noarch", product_id: "kernel-devel-azure-5.14.21-150400.14.49.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-5.14.21-150400.14.49.1.noarch", product: { name: "kernel-source-azure-5.14.21-150400.14.49.1.noarch", product_id: "kernel-source-azure-5.14.21-150400.14.49.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", product: { name: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", product_id: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", product: { name: "dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", product_id: "dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", product: { name: "gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", product_id: "gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-5.14.21-150400.14.49.1.x86_64", product: { name: "kernel-azure-5.14.21-150400.14.49.1.x86_64", product_id: "kernel-azure-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", product: { name: "kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", product_id: "kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", product: { name: "kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", product_id: "kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", product: { name: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", product_id: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", product: { name: "kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", product_id: "kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", product: { name: "kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", product_id: "kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", product: { name: "kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", product_id: "kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", product: { name: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", product_id: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", product: { name: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", product_id: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp4", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-5.14.21-150400.14.49.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kernel-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-5.14.21-150400.14.49.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kernel-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.14.21-150400.14.49.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.14.21-150400.14.49.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-5.14.21-150400.14.49.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", }, product_reference: "kernel-devel-azure-5.14.21-150400.14.49.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-5.14.21-150400.14.49.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", }, product_reference: "kernel-source-azure-5.14.21-150400.14.49.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.14.21-150400.14.49.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.14.21-150400.14.49.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kernel-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kernel-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-extra-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-extra-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-optional-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-optional-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-5.14.21-150400.14.49.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", }, product_reference: "kernel-devel-azure-5.14.21-150400.14.49.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-5.14.21-150400.14.49.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", }, product_reference: "kernel-source-azure-5.14.21-150400.14.49.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", }, product_reference: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", }, product_reference: "reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-2196", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2196", }, ], notes: [ { category: "general", text: "A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2196", url: "https://www.suse.com/security/cve/CVE-2022-2196", }, { category: "external", summary: "SUSE Bug 1206992 for CVE-2022-2196", url: "https://bugzilla.suse.com/1206992", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "moderate", }, ], title: "CVE-2022-2196", }, { cve: "CVE-2023-0386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0386", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel's OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0386", url: "https://www.suse.com/security/cve/CVE-2023-0386", }, { category: "external", summary: "SUSE Bug 1209615 for CVE-2023-0386", url: "https://bugzilla.suse.com/1209615", }, { category: "external", summary: "SUSE Bug 1210499 for CVE-2023-0386", url: "https://bugzilla.suse.com/1210499", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "important", }, ], title: "CVE-2023-0386", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2008", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2008", url: "https://www.suse.com/security/cve/CVE-2023-2008", }, { category: "external", summary: "SUSE Bug 1210453 for CVE-2023-2008", url: "https://bugzilla.suse.com/1210453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "moderate", }, ], title: "CVE-2023-2008", }, { cve: "CVE-2023-2019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2019", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2019", url: "https://www.suse.com/security/cve/CVE-2023-2019", }, { category: "external", summary: "SUSE Bug 1210454 for CVE-2023-2019", url: "https://bugzilla.suse.com/1210454", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "moderate", }, ], title: "CVE-2023-2019", }, { cve: "CVE-2023-2176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2176", }, ], notes: [ { category: "general", text: "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2176", url: "https://www.suse.com/security/cve/CVE-2023-2176", }, { category: "external", summary: "SUSE Bug 1210629 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210629", }, { category: "external", summary: "SUSE Bug 1210630 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210630", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2176", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "important", }, ], title: "CVE-2023-2176", }, { cve: "CVE-2023-2235", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2235", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation.\n\nThe perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability.\n\nWe recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2235", url: "https://www.suse.com/security/cve/CVE-2023-2235", }, { category: "external", summary: "SUSE Bug 1210986 for CVE-2023-2235", url: "https://bugzilla.suse.com/1210986", }, { category: "external", summary: "SUSE Bug 1210987 for CVE-2023-2235", url: "https://bugzilla.suse.com/1210987", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "important", }, ], title: "CVE-2023-2235", }, { cve: "CVE-2023-23006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-23006", }, ], notes: [ { category: "general", text: "In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-23006", url: "https://www.suse.com/security/cve/CVE-2023-23006", }, { category: "external", summary: "SUSE Bug 1208845 for CVE-2023-23006", url: "https://bugzilla.suse.com/1208845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "moderate", }, ], title: "CVE-2023-23006", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-extra-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-livepatch-devel-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-azure-optional-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kernel-devel-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-source-azure-5.14.21-150400.14.49.1.noarch", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kernel-syms-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-azure-5.14.21-150400.14.49.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-azure-5.14.21-150400.14.49.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:29:44Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2162-1
Vulnerability from csaf_suse
Published
2023-05-10 16:07
Modified
2023-05-10 16:07
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).
- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
The following non-security bugs were fixed:
- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).
- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).
- ath10k: Fix error handling in case of CE pipe init failure (git-fixes).
- ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
- ath10k: Fix the parsing error in service available event (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: fix control-message timeout (git-fixes).
- ath10k: fix division by zero in send path (git-fixes).
- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).
- audit: improve audit queue handling when 'audit=1' on cmdline (bsc#1209969).
- bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B (git-fixes).
- cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).
- cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (bsc#1210430).
- cachefiles: Fix race between read_waiter and read_copier involving op->to_do (bsc#1210430).
- cachefiles: Handle readpage error correctly (bsc#1210430).
- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).
- cifs: fix negotiate context parsing (bsc#1210301).
- cifs: fix open leaks in open_cached_dir() (bsc#1209342).
- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).
- crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).
- drivers: net: lmc: fix case value for target abort error (git-fixes).
- fscache, cachefiles: remove redundant variable 'cache' (bsc#1210430).
- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).
- intel_pmc_ipc: restore ability to call functions with irq enabled (git-fixes).
- ipmi: fix SSIF not responding under certain cond (git-fixes).
- iwlwifi: Fix -EIO error code that is never returned (git-fixes).
- iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes).
- iwlwifi: pcie: fix locking when 'HW not ready' (git-fixes).
- iwlwifi: pcie: gen2: fix locking when 'HW not ready' (git-fixes).
- iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).
- kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).
- kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).
- keys: Change keyring_serialise_link_sem to a mutex (bsc#1207088).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- keys: Hoist locking out of __key_link_begin() (bsc#1207088).
- kretprobe: Prevent triggering kretprobe from within kprobe_flush_task (git-fixes).
- l2tp: clean up stale tunnel or session in pppol2tp_connect's error path (git-fixes).
- l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect() (git-fixes).
- l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).
- net/ncsi: Do not return error on normal response (git-fixes).
- net: axienet: Fix double deregister of mdio (git-fixes).
- net: core: dst: Add kernel-doc for 'net' parameter (git-fixes).
- net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for consistency (git-fixes).
- net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (git-fixes).
- net: prevent ISA drivers from building on PPC32 (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).
- netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup() (git-fixes).
- netfilter: x_tables: Add note about how to free percpu counters (git-fixes).
- ntp: Limit TAI-UTC offset (git-fixes)
- nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING (git-fixes).
- nvme-pci: fix doorbell buffer value endianness (git-fixes).
- nvme: retain split access workaround for capability reads (git-fixes).
- platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function (git-fixes).
- platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates (git-fixes).
- powercap: fix possible name leak in powercap_register_zone() (git-fixes).
- powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999 ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Limit possible nodes to within num_possible_nodes (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- printk: Give error on attempt to set log buffer length to over 2G (bsc#1210534).
- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).
- rpm/kernel-obs-build.spec.in: Remove SLE11 cruft
- s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes).
- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).
- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).
- sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (git-fixes).
- sctp: use the right sk after waking up from wait_buf sleep (git-fixes).
- struct ci_hdrc: hide new member at end (git-fixes).
- struct wmi_svc_avail_ev_arg: new member to end (git-fixes).
- timekeeping: Prevent 32bit truncation in (git-fixes)
- tuntap: fix dividing by zero in ebpf queue selection (git-fixes).
- uprobes/x86: Fix detection of 32-bit user mode (git-fixes).
- usb/ohci-platform: Fix a warning when hibernating (git-fixes).
- usb: chipidea: core: fix possible concurrent when switch role (git-fixes).
- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).
- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: host: ohci-pxa27x: Fix and & vs | typo (git-fixes).
- usb: storage: Add check for kcalloc (git-fixes).
- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).
- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-fixes).
- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).
- workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).
- workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#1210460).
- wq: handle VM suspension in stall detection (bsc#1210466).
- x86, boot: Remove multiple copy of static function sanitize_boot_params() (git-fixes).
- x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines (git-fixes).
- x86/apic: Handle missing global clockevent gracefully (git-fixes bsc#1142926).
- x86/apic: Soft disable APIC before initializing it (git-fixes).
- x86/boot/compressed: Disable relocation relaxation (git-fixes).
- x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).
- x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).
- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).
- x86/decoder: Add TEST opcode to Group3-2 (git-fixes).
- x86/fpu: Prevent FPU state corruption (git-fixes).
- x86/ioapic: Prevent inconsistent state when moving an interrupt (git-fixes).
- x86/irq: Ensure PI wakeup handler is unregistered before module unload (git-fixes).
- x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).
- x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).
- x86/lib/cpu: Address missing prototypes warning (git-fixes).
- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
- x86/mce: Lower throttling MCE messages' priority to warning (git-fixes).
- x86/mm: Stop printing BRK addresses (git-fixes).
- x86/mm: Use the correct function type for native_set_fixmap() (git-fixes).
- x86/pkeys: Add check for pkey 'overflow' (git-fixes).
- x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails (git-fixes).
- x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline (git-fixes).
- x86/sysfb: Fix check for bad VRAM size (git-fixes).
- x86/tools/relocs: Fix non-POSIX regexp (git-fixes).
- x86/tools: Fix objdump version check again (git-fixes).
- x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).
- x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).
- x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).
- x86_64: Fix jiffies ODR violation (git-fixes).
- xfrm: policy: use hlist rcu variants on insert (git-fixes).
- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).
- xhci: hide include of iommu.h (git-fixes).
Patchnames
SUSE-2023-2162,SUSE-SLE-SERVER-12-SP5-2023-2162
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).\n- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).\n\nThe following non-security bugs were fixed:\n\n- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).\n- ath10k: Fix error handling in case of CE pipe init failure (git-fixes).\n- ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).\n- ath10k: Fix the parsing error in service available event (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: fix control-message timeout (git-fixes).\n- ath10k: fix division by zero in send path (git-fixes).\n- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).\n- audit: improve audit queue handling when 'audit=1' on cmdline (bsc#1209969).\n- bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B (git-fixes).\n- cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).\n- cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (bsc#1210430).\n- cachefiles: Fix race between read_waiter and read_copier involving op->to_do (bsc#1210430).\n- cachefiles: Handle readpage error correctly (bsc#1210430).\n- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- cifs: fix open leaks in open_cached_dir() (bsc#1209342).\n- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).\n- crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).\n- drivers: net: lmc: fix case value for target abort error (git-fixes).\n- fscache, cachefiles: remove redundant variable 'cache' (bsc#1210430).\n- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).\n- intel_pmc_ipc: restore ability to call functions with irq enabled (git-fixes).\n- ipmi: fix SSIF not responding under certain cond (git-fixes).\n- iwlwifi: Fix -EIO error code that is never returned (git-fixes).\n- iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes).\n- iwlwifi: pcie: fix locking when 'HW not ready' (git-fixes).\n- iwlwifi: pcie: gen2: fix locking when 'HW not ready' (git-fixes).\n- iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).\n- kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).\n- kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).\n- keys: Change keyring_serialise_link_sem to a mutex (bsc#1207088).\n- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).\n- keys: Hoist locking out of __key_link_begin() (bsc#1207088).\n- kretprobe: Prevent triggering kretprobe from within kprobe_flush_task (git-fixes).\n- l2tp: clean up stale tunnel or session in pppol2tp_connect's error path (git-fixes).\n- l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect() (git-fixes).\n- l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).\n- net/ncsi: Do not return error on normal response (git-fixes).\n- net: axienet: Fix double deregister of mdio (git-fixes).\n- net: core: dst: Add kernel-doc for 'net' parameter (git-fixes).\n- net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for consistency (git-fixes).\n- net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (git-fixes).\n- net: prevent ISA drivers from building on PPC32 (git-fixes).\n- net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).\n- netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup() (git-fixes).\n- netfilter: x_tables: Add note about how to free percpu counters (git-fixes).\n- ntp: Limit TAI-UTC offset (git-fixes)\n- nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING (git-fixes).\n- nvme-pci: fix doorbell buffer value endianness (git-fixes).\n- nvme: retain split access workaround for capability reads (git-fixes).\n- platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function (git-fixes).\n- platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates (git-fixes).\n- powercap: fix possible name leak in powercap_register_zone() (git-fixes).\n- powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999 ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Limit possible nodes to within num_possible_nodes (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- printk: Give error on attempt to set log buffer length to over 2G (bsc#1210534).\n- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).\n- rpm/kernel-obs-build.spec.in: Remove SLE11 cruft\n- s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes).\n- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).\n- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).\n- sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).\n- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (git-fixes).\n- sctp: use the right sk after waking up from wait_buf sleep (git-fixes).\n- struct ci_hdrc: hide new member at end (git-fixes).\n- struct wmi_svc_avail_ev_arg: new member to end (git-fixes).\n- timekeeping: Prevent 32bit truncation in (git-fixes)\n- tuntap: fix dividing by zero in ebpf queue selection (git-fixes).\n- uprobes/x86: Fix detection of 32-bit user mode (git-fixes).\n- usb/ohci-platform: Fix a warning when hibernating (git-fixes).\n- usb: chipidea: core: fix possible concurrent when switch role (git-fixes).\n- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).\n- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).\n- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).\n- usb: host: ohci-pxa27x: Fix and & vs | typo (git-fixes).\n- usb: storage: Add check for kcalloc (git-fixes).\n- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).\n- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-fixes).\n- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).\n- workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).\n- workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#1210460).\n- wq: handle VM suspension in stall detection (bsc#1210466).\n- x86, boot: Remove multiple copy of static function sanitize_boot_params() (git-fixes).\n- x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines (git-fixes).\n- x86/apic: Handle missing global clockevent gracefully (git-fixes bsc#1142926).\n- x86/apic: Soft disable APIC before initializing it (git-fixes).\n- x86/boot/compressed: Disable relocation relaxation (git-fixes).\n- x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).\n- x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).\n- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).\n- x86/decoder: Add TEST opcode to Group3-2 (git-fixes).\n- x86/fpu: Prevent FPU state corruption (git-fixes).\n- x86/ioapic: Prevent inconsistent state when moving an interrupt (git-fixes).\n- x86/irq: Ensure PI wakeup handler is unregistered before module unload (git-fixes).\n- x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).\n- x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).\n- x86/lib/cpu: Address missing prototypes warning (git-fixes).\n- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).\n- x86/mce: Lower throttling MCE messages' priority to warning (git-fixes).\n- x86/mm: Stop printing BRK addresses (git-fixes).\n- x86/mm: Use the correct function type for native_set_fixmap() (git-fixes).\n- x86/pkeys: Add check for pkey 'overflow' (git-fixes).\n- x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails (git-fixes).\n- x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline (git-fixes).\n- x86/sysfb: Fix check for bad VRAM size (git-fixes).\n- x86/tools/relocs: Fix non-POSIX regexp (git-fixes).\n- x86/tools: Fix objdump version check again (git-fixes).\n- x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).\n- x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).\n- x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).\n- x86_64: Fix jiffies ODR violation (git-fixes).\n- xfrm: policy: use hlist rcu variants on insert (git-fixes).\n- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).\n- xhci: hide include of iommu.h (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2162,SUSE-SLE-SERVER-12-SP5-2023-2162", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2162-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2162-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232162-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2162-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029327.html", }, { category: "self", summary: "SUSE Bug 1142685", url: "https://bugzilla.suse.com/1142685", }, { category: "self", summary: "SUSE Bug 1142926", url: "https://bugzilla.suse.com/1142926", }, { category: "self", summary: "SUSE Bug 1174777", url: "https://bugzilla.suse.com/1174777", }, { category: "self", summary: "SUSE Bug 1190544", url: "https://bugzilla.suse.com/1190544", }, { category: "self", summary: "SUSE Bug 1202353", url: "https://bugzilla.suse.com/1202353", }, { category: "self", summary: "SUSE Bug 1205128", url: "https://bugzilla.suse.com/1205128", }, { category: "self", summary: "SUSE Bug 1207088", url: "https://bugzilla.suse.com/1207088", }, { category: "self", summary: "SUSE Bug 1209342", url: "https://bugzilla.suse.com/1209342", }, { category: "self", summary: "SUSE Bug 1209687", url: "https://bugzilla.suse.com/1209687", }, { category: "self", summary: "SUSE Bug 1209777", url: "https://bugzilla.suse.com/1209777", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1209887", url: "https://bugzilla.suse.com/1209887", }, { category: "self", summary: "SUSE Bug 1209969", url: "https://bugzilla.suse.com/1209969", }, { category: "self", summary: "SUSE Bug 1209999", url: "https://bugzilla.suse.com/1209999", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210430", url: "https://bugzilla.suse.com/1210430", }, { category: "self", summary: "SUSE Bug 1210460", url: "https://bugzilla.suse.com/1210460", }, { category: "self", summary: "SUSE Bug 1210466", url: "https://bugzilla.suse.com/1210466", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210498", url: "https://bugzilla.suse.com/1210498", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210534", url: "https://bugzilla.suse.com/1210534", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE Bug 1210827", url: "https://bugzilla.suse.com/1210827", }, { category: "self", summary: "SUSE Bug 1211037", url: "https://bugzilla.suse.com/1211037", }, { category: "self", summary: "SUSE CVE CVE-2020-36691 page", url: "https://www.suse.com/security/cve/CVE-2020-36691/", }, { category: "self", summary: "SUSE CVE CVE-2022-43945 page", url: "https://www.suse.com/security/cve/CVE-2022-43945/", }, { category: "self", summary: "SUSE CVE CVE-2023-1611 page", url: "https://www.suse.com/security/cve/CVE-2023-1611/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-2483 page", url: "https://www.suse.com/security/cve/CVE-2023-2483/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-10T16:07:03Z", generator: { date: "2023-05-10T16:07:03Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2162-1", initial_release_date: "2023-05-10T16:07:03Z", revision_history: [ { date: "2023-05-10T16:07:03Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-azure-4.12.14-16.133.1.noarch", product: { name: "kernel-devel-azure-4.12.14-16.133.1.noarch", product_id: "kernel-devel-azure-4.12.14-16.133.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-4.12.14-16.133.1.noarch", product: { name: "kernel-source-azure-4.12.14-16.133.1.noarch", product_id: "kernel-source-azure-4.12.14-16.133.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-4.12.14-16.133.1.x86_64", product: { name: "cluster-md-kmp-azure-4.12.14-16.133.1.x86_64", product_id: "cluster-md-kmp-azure-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-azure-4.12.14-16.133.1.x86_64", product: { name: "dlm-kmp-azure-4.12.14-16.133.1.x86_64", product_id: "dlm-kmp-azure-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-azure-4.12.14-16.133.1.x86_64", product: { name: "gfs2-kmp-azure-4.12.14-16.133.1.x86_64", product_id: "gfs2-kmp-azure-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-4.12.14-16.133.1.x86_64", product: { name: "kernel-azure-4.12.14-16.133.1.x86_64", product_id: "kernel-azure-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-base-4.12.14-16.133.1.x86_64", product: { name: "kernel-azure-base-4.12.14-16.133.1.x86_64", product_id: "kernel-azure-base-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-4.12.14-16.133.1.x86_64", product: { name: "kernel-azure-devel-4.12.14-16.133.1.x86_64", product_id: "kernel-azure-devel-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-extra-4.12.14-16.133.1.x86_64", product: { name: "kernel-azure-extra-4.12.14-16.133.1.x86_64", product_id: "kernel-azure-extra-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-kgraft-devel-4.12.14-16.133.1.x86_64", product: { name: "kernel-azure-kgraft-devel-4.12.14-16.133.1.x86_64", product_id: "kernel-azure-kgraft-devel-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-4.12.14-16.133.1.x86_64", product: { name: "kernel-syms-azure-4.12.14-16.133.1.x86_64", product_id: "kernel-syms-azure-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-azure-4.12.14-16.133.1.x86_64", product: { name: "kselftests-kmp-azure-4.12.14-16.133.1.x86_64", product_id: "kselftests-kmp-azure-4.12.14-16.133.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-4.12.14-16.133.1.x86_64", product: { name: "ocfs2-kmp-azure-4.12.14-16.133.1.x86_64", product_id: "ocfs2-kmp-azure-4.12.14-16.133.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP5", product: { name: "SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", }, product_reference: "kernel-azure-4.12.14-16.133.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", }, product_reference: "kernel-azure-base-4.12.14-16.133.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-16.133.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-16.133.1.noarch as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", }, product_reference: "kernel-devel-azure-4.12.14-16.133.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-16.133.1.noarch as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", }, product_reference: "kernel-source-azure-4.12.14-16.133.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-16.133.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", }, product_reference: "kernel-azure-4.12.14-16.133.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", }, product_reference: "kernel-azure-base-4.12.14-16.133.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-16.133.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-16.133.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", }, product_reference: "kernel-devel-azure-4.12.14-16.133.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-16.133.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", }, product_reference: "kernel-source-azure-4.12.14-16.133.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-16.133.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-16.133.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, ], }, vulnerabilities: [ { cve: "CVE-2020-36691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36691", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-36691", url: "https://www.suse.com/security/cve/CVE-2020-36691", }, { category: "external", summary: "SUSE Bug 1209613 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209613", }, { category: "external", summary: "SUSE Bug 1209777 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2020-36691", }, { cve: "CVE-2022-43945", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-43945", }, ], notes: [ { category: "general", text: "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-43945", url: "https://www.suse.com/security/cve/CVE-2022-43945", }, { category: "external", summary: "SUSE Bug 1205128 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205128", }, { category: "external", summary: "SUSE Bug 1205130 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205130", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208085", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-43945", url: "https://bugzilla.suse.com/1209225", }, { category: "external", summary: "SUSE Bug 1210124 for CVE-2022-43945", url: "https://bugzilla.suse.com/1210124", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "important", }, ], title: "CVE-2022-43945", }, { cve: "CVE-2023-1611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1611", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1611", url: "https://www.suse.com/security/cve/CVE-2023-1611", }, { category: "external", summary: "SUSE Bug 1209687 for CVE-2023-1611", url: "https://bugzilla.suse.com/1209687", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-2483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2483", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2483", url: "https://www.suse.com/security/cve/CVE-2023-2483", }, { category: "external", summary: "SUSE Bug 1211037 for CVE-2023-2483", url: "https://bugzilla.suse.com/1211037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2023-2483", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.133.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.133.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.133.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T16:07:03Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2156-1
Vulnerability from csaf_suse
Published
2023-05-10 11:17
Modified
2023-05-10 11:17
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
The following non-security bugs were fixed:
- ath10k: Fix error handling in case of CE pipe init failure (git-fixes).
- ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
- ath10k: Fix the parsing error in service available event (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: fix control-message timeout (git-fixes).
- ath10k: fix division by zero in send path (git-fixes).
- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).
- audit: improve audit queue handling when 'audit=1' on cmdline (bsc#1209969).
- bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B (git-fixes).
- cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).
- cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (bsc#1210430).
- cachefiles: Fix race between read_waiter and read_copier involving op->to_do (bsc#1210430).
- cachefiles: Handle readpage error correctly (bsc#1210430).
- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).
- cifs: fix negotiate context parsing (bsc#1210301).
- cifs: fix open leaks in open_cached_dir() (bsc#1209342).
- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).
- crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).
- drivers: net: lmc: fix case value for target abort error (git-fixes).
- fscache, cachefiles: remove redundant variable 'cache' (bsc#1210430).
- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).
- intel_pmc_ipc: restore ability to call functions with irq enabled (git-fixes).
- ipmi: fix SSIF not responding under certain cond (git-fixes).
- iwlwifi: Fix -EIO error code that is never returned (git-fixes).
- iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes).
- iwlwifi: pcie: fix locking when 'HW not ready' (git-fixes).
- iwlwifi: pcie: gen2: fix locking when 'HW not ready' (git-fixes).
- iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).
- kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).
- kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).
- keys: Change keyring_serialise_link_sem to a mutex (bsc#1207088).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- keys: Hoist locking out of __key_link_begin() (bsc#1207088).
- kretprobe: Prevent triggering kretprobe from within kprobe_flush_task (git-fixes).
- l2tp: clean up stale tunnel or session in pppol2tp_connect's error path (git-fixes).
- l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect() (git-fixes).
- l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).
- net/ncsi: Do not return error on normal response (git-fixes).
- net: axienet: Fix double deregister of mdio (git-fixes).
- net: core: dst: Add kernel-doc for 'net' parameter (git-fixes).
- net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for consistency (git-fixes).
- net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (git-fixes).
- net: prevent ISA drivers from building on PPC32 (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).
- netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup() (git-fixes).
- netfilter: x_tables: Add note about how to free percpu counters (git-fixes).
- nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING (git-fixes).
- nvme-pci: fix doorbell buffer value endianness (git-fixes).
- nvme: retain split access workaround for capability reads (git-fixes).
- platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function (git-fixes).
- platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates (git-fixes).
- powercap: fix possible name leak in powercap_register_zone() (git-fixes).
- powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999 ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Limit possible nodes to within num_possible_nodes (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- printk: Give error on attempt to set log buffer length to over 2G (bsc#1210534).
- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).
- s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes).
- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).
- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).
- sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (git-fixes).
- sctp: use the right sk after waking up from wait_buf sleep (git-fixes).
- struct ci_hdrc: hide new member at end (git-fixes).
- struct wmi_svc_avail_ev_arg: new member to end (git-fixes).
- tuntap: fix dividing by zero in ebpf queue selection (git-fixes).
- usb/ohci-platform: Fix a warning when hibernating (git-fixes).
- usb: chipidea: core: fix possible concurrent when switch role (git-fixes).
- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: host: ohci-pxa27x: Fix and & vs | typo (git-fixes).
- usb: storage: Add check for kcalloc (git-fixes).
- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).
- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-fixes).
- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).
- workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).
- workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#1210460).
- wq: handle VM suspension in stall detection (bsc#1210466).
- x86/boot/compressed: Disable relocation relaxation (git-fixes).
- x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).
- x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).
- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).
- x86/fpu: Prevent FPU state corruption (git-fixes).
- x86/irq: Ensure PI wakeup handler is unregistered before module unload (git-fixes).
- x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).
- x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).
- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
- x86/mm: Stop printing BRK addresses (git-fixes).
- x86/pkeys: Add check for pkey 'overflow' (git-fixes).
- x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline (git-fixes).
- x86/tools/relocs: Fix non-POSIX regexp (git-fixes).
- x86/tools: Fix objdump version check again (git-fixes).
- x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).
- x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).
- x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).
- x86_64: Fix jiffies ODR violation (git-fixes).
- xfrm: policy: use hlist rcu variants on insert (git-fixes).
- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).
- xhci: hide include of iommu.h (git-fixes).
Patchnames
SUSE-2023-2156,SUSE-SLE-RT-12-SP5-2023-2156
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n\nThe following non-security bugs were fixed:\n\n- ath10k: Fix error handling in case of CE pipe init failure (git-fixes).\n- ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).\n- ath10k: Fix the parsing error in service available event (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: fix control-message timeout (git-fixes).\n- ath10k: fix division by zero in send path (git-fixes).\n- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).\n- audit: improve audit queue handling when 'audit=1' on cmdline (bsc#1209969).\n- bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B (git-fixes).\n- cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).\n- cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (bsc#1210430).\n- cachefiles: Fix race between read_waiter and read_copier involving op->to_do (bsc#1210430).\n- cachefiles: Handle readpage error correctly (bsc#1210430).\n- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- cifs: fix open leaks in open_cached_dir() (bsc#1209342).\n- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).\n- crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).\n- drivers: net: lmc: fix case value for target abort error (git-fixes).\n- fscache, cachefiles: remove redundant variable 'cache' (bsc#1210430).\n- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).\n- intel_pmc_ipc: restore ability to call functions with irq enabled (git-fixes).\n- ipmi: fix SSIF not responding under certain cond (git-fixes).\n- iwlwifi: Fix -EIO error code that is never returned (git-fixes).\n- iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes).\n- iwlwifi: pcie: fix locking when 'HW not ready' (git-fixes).\n- iwlwifi: pcie: gen2: fix locking when 'HW not ready' (git-fixes).\n- iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).\n- kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).\n- kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).\n- keys: Change keyring_serialise_link_sem to a mutex (bsc#1207088).\n- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).\n- keys: Hoist locking out of __key_link_begin() (bsc#1207088).\n- kretprobe: Prevent triggering kretprobe from within kprobe_flush_task (git-fixes).\n- l2tp: clean up stale tunnel or session in pppol2tp_connect's error path (git-fixes).\n- l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect() (git-fixes).\n- l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).\n- net/ncsi: Do not return error on normal response (git-fixes).\n- net: axienet: Fix double deregister of mdio (git-fixes).\n- net: core: dst: Add kernel-doc for 'net' parameter (git-fixes).\n- net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for consistency (git-fixes).\n- net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (git-fixes).\n- net: prevent ISA drivers from building on PPC32 (git-fixes).\n- net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).\n- netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup() (git-fixes).\n- netfilter: x_tables: Add note about how to free percpu counters (git-fixes).\n- nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING (git-fixes).\n- nvme-pci: fix doorbell buffer value endianness (git-fixes).\n- nvme: retain split access workaround for capability reads (git-fixes).\n- platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function (git-fixes).\n- platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates (git-fixes).\n- powercap: fix possible name leak in powercap_register_zone() (git-fixes).\n- powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999 ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Limit possible nodes to within num_possible_nodes (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- printk: Give error on attempt to set log buffer length to over 2G (bsc#1210534).\n- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).\n- s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes).\n- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).\n- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).\n- sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).\n- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (git-fixes).\n- sctp: use the right sk after waking up from wait_buf sleep (git-fixes).\n- struct ci_hdrc: hide new member at end (git-fixes).\n- struct wmi_svc_avail_ev_arg: new member to end (git-fixes).\n- tuntap: fix dividing by zero in ebpf queue selection (git-fixes).\n- usb/ohci-platform: Fix a warning when hibernating (git-fixes).\n- usb: chipidea: core: fix possible concurrent when switch role (git-fixes).\n- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).\n- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).\n- usb: host: ohci-pxa27x: Fix and & vs | typo (git-fixes).\n- usb: storage: Add check for kcalloc (git-fixes).\n- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).\n- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-fixes).\n- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).\n- workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).\n- workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#1210460).\n- wq: handle VM suspension in stall detection (bsc#1210466).\n- x86/boot/compressed: Disable relocation relaxation (git-fixes).\n- x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).\n- x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).\n- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).\n- x86/fpu: Prevent FPU state corruption (git-fixes).\n- x86/irq: Ensure PI wakeup handler is unregistered before module unload (git-fixes).\n- x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).\n- x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).\n- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).\n- x86/mm: Stop printing BRK addresses (git-fixes).\n- x86/pkeys: Add check for pkey 'overflow' (git-fixes).\n- x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline (git-fixes).\n- x86/tools/relocs: Fix non-POSIX regexp (git-fixes).\n- x86/tools: Fix objdump version check again (git-fixes).\n- x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).\n- x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).\n- x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).\n- x86_64: Fix jiffies ODR violation (git-fixes).\n- xfrm: policy: use hlist rcu variants on insert (git-fixes).\n- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).\n- xhci: hide include of iommu.h (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2156,SUSE-SLE-RT-12-SP5-2023-2156", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2156-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2156-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232156-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2156-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029317.html", }, { category: "self", summary: "SUSE Bug 1142685", url: "https://bugzilla.suse.com/1142685", }, { category: "self", summary: "SUSE Bug 1174777", url: "https://bugzilla.suse.com/1174777", }, { category: "self", summary: "SUSE Bug 1190544", url: "https://bugzilla.suse.com/1190544", }, { category: "self", summary: "SUSE Bug 1202353", url: "https://bugzilla.suse.com/1202353", }, { category: "self", summary: "SUSE Bug 1207088", url: "https://bugzilla.suse.com/1207088", }, { category: "self", summary: "SUSE Bug 1209342", url: "https://bugzilla.suse.com/1209342", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1209887", url: "https://bugzilla.suse.com/1209887", }, { category: "self", summary: "SUSE Bug 1209969", url: "https://bugzilla.suse.com/1209969", }, { category: "self", summary: "SUSE Bug 1209999", url: "https://bugzilla.suse.com/1209999", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210430", url: "https://bugzilla.suse.com/1210430", }, { category: "self", summary: "SUSE Bug 1210460", url: "https://bugzilla.suse.com/1210460", }, { category: "self", summary: "SUSE Bug 1210466", url: "https://bugzilla.suse.com/1210466", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210498", url: "https://bugzilla.suse.com/1210498", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210534", url: "https://bugzilla.suse.com/1210534", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE Bug 1210827", url: "https://bugzilla.suse.com/1210827", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-10T11:17:54Z", generator: { date: "2023-05-10T11:17:54Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2156-1", initial_release_date: "2023-05-10T11:17:54Z", revision_history: [ { date: "2023-05-10T11:17:54Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-4.12.14-10.124.1.noarch", product: { name: "kernel-devel-rt-4.12.14-10.124.1.noarch", product_id: "kernel-devel-rt-4.12.14-10.124.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-4.12.14-10.124.1.noarch", product: { name: "kernel-source-rt-4.12.14-10.124.1.noarch", product_id: "kernel-source-rt-4.12.14-10.124.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", product: { name: "cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", product_id: "cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-rt_debug-4.12.14-10.124.1.x86_64", product: { name: "cluster-md-kmp-rt_debug-4.12.14-10.124.1.x86_64", product_id: "cluster-md-kmp-rt_debug-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-4.12.14-10.124.1.x86_64", product: { name: "dlm-kmp-rt-4.12.14-10.124.1.x86_64", product_id: "dlm-kmp-rt-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt_debug-4.12.14-10.124.1.x86_64", product: { name: "dlm-kmp-rt_debug-4.12.14-10.124.1.x86_64", product_id: "dlm-kmp-rt_debug-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-4.12.14-10.124.1.x86_64", product: { name: "gfs2-kmp-rt-4.12.14-10.124.1.x86_64", product_id: "gfs2-kmp-rt-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt_debug-4.12.14-10.124.1.x86_64", product: { name: "gfs2-kmp-rt_debug-4.12.14-10.124.1.x86_64", product_id: "gfs2-kmp-rt_debug-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt-4.12.14-10.124.1.x86_64", product_id: "kernel-rt-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-base-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt-base-4.12.14-10.124.1.x86_64", product_id: "kernel-rt-base-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt-devel-4.12.14-10.124.1.x86_64", product_id: "kernel-rt-devel-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-extra-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt-extra-4.12.14-10.124.1.x86_64", product_id: "kernel-rt-extra-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-kgraft-devel-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt-kgraft-devel-4.12.14-10.124.1.x86_64", product_id: "kernel-rt-kgraft-devel-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt_debug-4.12.14-10.124.1.x86_64", product_id: "kernel-rt_debug-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-base-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt_debug-base-4.12.14-10.124.1.x86_64", product_id: "kernel-rt_debug-base-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", product_id: "kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-extra-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt_debug-extra-4.12.14-10.124.1.x86_64", product_id: "kernel-rt_debug-extra-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-kgraft-devel-4.12.14-10.124.1.x86_64", product: { name: "kernel-rt_debug-kgraft-devel-4.12.14-10.124.1.x86_64", product_id: "kernel-rt_debug-kgraft-devel-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-4.12.14-10.124.1.x86_64", product: { name: "kernel-syms-rt-4.12.14-10.124.1.x86_64", product_id: "kernel-syms-rt-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt-4.12.14-10.124.1.x86_64", product: { name: "kselftests-kmp-rt-4.12.14-10.124.1.x86_64", product_id: "kselftests-kmp-rt-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt_debug-4.12.14-10.124.1.x86_64", product: { name: "kselftests-kmp-rt_debug-4.12.14-10.124.1.x86_64", product_id: "kselftests-kmp-rt_debug-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", product: { name: "ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", product_id: "ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt_debug-4.12.14-10.124.1.x86_64", product: { name: "ocfs2-kmp-rt_debug-4.12.14-10.124.1.x86_64", product_id: "ocfs2-kmp-rt_debug-4.12.14-10.124.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Real Time 12 SP5", product: { name: "SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", }, product_reference: "cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", }, product_reference: "dlm-kmp-rt-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", }, product_reference: "gfs2-kmp-rt-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-4.12.14-10.124.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", }, product_reference: "kernel-devel-rt-4.12.14-10.124.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", }, product_reference: "kernel-rt-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-base-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", }, product_reference: "kernel-rt-base-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", }, product_reference: "kernel-rt-devel-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", }, product_reference: "kernel-rt_debug-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", }, product_reference: "kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-4.12.14-10.124.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", }, product_reference: "kernel-source-rt-4.12.14-10.124.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", }, product_reference: "kernel-syms-rt-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-4.12.14-10.124.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5", product_id: "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", }, product_reference: "ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP5", }, ], }, vulnerabilities: [ { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T11:17:54Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T11:17:54Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T11:17:54Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T11:17:54Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T11:17:54Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T11:17:54Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T11:17:54Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.124.1.noarch", "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.124.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.124.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T11:17:54Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2163-1
Vulnerability from csaf_suse
Published
2023-05-10 17:34
Modified
2023-05-10 17:34
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).
- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
The following non-security bugs were fixed:
- ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel() (git-fixes)
- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).
- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).
- arm64: kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region (git-fixes)
- ath10k: Fix error handling in case of CE pipe init failure (git-fixes).
- ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
- ath10k: Fix the parsing error in service available event (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: fix control-message timeout (git-fixes).
- ath10k: fix division by zero in send path (git-fixes).
- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).
- audit: improve audit queue handling when 'audit=1' on cmdline (bsc#1209969).
- bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B (git-fixes).
- bs-upload-kernel: Do not skip post-build-checks
- cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).
- cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (bsc#1210430).
- cachefiles: Fix race between read_waiter and read_copier involving op->to_do (bsc#1210430).
- cachefiles: Handle readpage error correctly (bsc#1210430).
- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).
- cifs: fix negotiate context parsing (bsc#1210301).
- cifs: fix open leaks in open_cached_dir() (bsc#1209342).
- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).
- crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).
- drivers: net: lmc: fix case value for target abort error (git-fixes).
- fscache, cachefiles: remove redundant variable 'cache' (bsc#1210430).
- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).
- intel_pmc_ipc: restore ability to call functions with irq enabled (git-fixes).
- ipmi: fix SSIF not responding under certain cond (git-fixes).
- iwlwifi: Fix -EIO error code that is never returned (git-fixes).
- iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes).
- iwlwifi: pcie: fix locking when 'HW not ready' (git-fixes).
- iwlwifi: pcie: gen2: fix locking when 'HW not ready' (git-fixes).
- iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).
- kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).
- kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).
- keys: Change keyring_serialise_link_sem to a mutex (bsc#1207088).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- keys: Hoist locking out of __key_link_begin() (bsc#1207088).
- kretprobe: Prevent triggering kretprobe from within kprobe_flush_task (git-fixes).
- l2tp: clean up stale tunnel or session in pppol2tp_connect's error path (git-fixes).
- l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect() (git-fixes).
- l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).
- net/ncsi: Do not return error on normal response (git-fixes).
- net: axienet: Fix double deregister of mdio (git-fixes).
- net: core: dst: Add kernel-doc for 'net' parameter (git-fixes).
- net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for consistency (git-fixes).
- net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (git-fixes).
- net: prevent ISA drivers from building on PPC32 (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).
- netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup() (git-fixes).
- netfilter: x_tables: Add note about how to free percpu counters (git-fixes).
- ntp: Limit TAI-UTC offset (git-fixes)
- nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING (git-fixes).
- nvme-pci: fix doorbell buffer value endianness (git-fixes).
- nvme: retain split access workaround for capability reads (git-fixes).
- platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function (git-fixes).
- platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates (git-fixes).
- powercap: fix possible name leak in powercap_register_zone() (git-fixes).
- powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999 ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Limit possible nodes to within num_possible_nodes (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- printk: Give error on attempt to set log buffer length to over 2G (bsc#1210534).
- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).
- s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes).
- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).
- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).
- sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).
- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (git-fixes).
- sctp: use the right sk after waking up from wait_buf sleep (git-fixes).
- struct ci_hdrc: hide new member at end (git-fixes).
- struct wmi_svc_avail_ev_arg: new member to end (git-fixes).
- timekeeping: Prevent 32bit truncation in (git-fixes)
- tuntap: fix dividing by zero in ebpf queue selection (git-fixes).
- uprobes/x86: Fix detection of 32-bit user mode (git-fixes).
- usb/ohci-platform: Fix a warning when hibernating (git-fixes).
- usb: chipidea: core: fix possible concurrent when switch role (git-fixes).
- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).
- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: host: ohci-pxa27x: Fix and & vs | typo (git-fixes).
- usb: storage: Add check for kcalloc (git-fixes).
- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).
- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-fixes).
- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).
- workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).
- workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#1210460).
- wq: handle VM suspension in stall detection (bsc#1210466).
- x86, boot: Remove multiple copy of static function sanitize_boot_params() (git-fixes).
- x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines (git-fixes).
- x86/apic: Handle missing global clockevent gracefully (git-fixes bsc#1142926).
- x86/apic: Soft disable APIC before initializing it (git-fixes).
- x86/boot/compressed: Disable relocation relaxation (git-fixes).
- x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).
- x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).
- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).
- x86/decoder: Add TEST opcode to Group3-2 (git-fixes).
- x86/fpu: Prevent FPU state corruption (git-fixes).
- x86/ioapic: Prevent inconsistent state when moving an interrupt (git-fixes).
- x86/irq: Ensure PI wakeup handler is unregistered before module unload (git-fixes).
- x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).
- x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).
- x86/lib/cpu: Address missing prototypes warning (git-fixes).
- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
- x86/mce: Lower throttling MCE messages' priority to warning (git-fixes).
- x86/mm: Stop printing BRK addresses (git-fixes).
- x86/mm: Use the correct function type for native_set_fixmap() (git-fixes).
- x86/pkeys: Add check for pkey 'overflow' (git-fixes).
- x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails (git-fixes).
- x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline (git-fixes).
- x86/sysfb: Fix check for bad VRAM size (git-fixes).
- x86/tools/relocs: Fix non-POSIX regexp (git-fixes).
- x86/tools: Fix objdump version check again (git-fixes).
- x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).
- x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).
- x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).
- x86_64: Fix jiffies ODR violation (git-fixes).
- xfrm: policy: use hlist rcu variants on insert (git-fixes).
- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).
- xhci: hide include of iommu.h (git-fixes).
Patchnames
SUSE-2023-2163,SUSE-SLE-HA-12-SP5-2023-2163,SUSE-SLE-Live-Patching-12-SP5-2023-2163,SUSE-SLE-SDK-12-SP5-2023-2163,SUSE-SLE-SERVER-12-SP5-2023-2163,SUSE-SLE-WE-12-SP5-2023-2163
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a race condition (bsc#1211037).\n- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).\n\nThe following non-security bugs were fixed:\n\n- ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel() (git-fixes)\n- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).\n- arm64: kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region (git-fixes)\n- ath10k: Fix error handling in case of CE pipe init failure (git-fixes).\n- ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).\n- ath10k: Fix the parsing error in service available event (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: fix control-message timeout (git-fixes).\n- ath10k: fix division by zero in send path (git-fixes).\n- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (git-fixes).\n- audit: improve audit queue handling when 'audit=1' on cmdline (bsc#1209969).\n- bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B (git-fixes).\n- bs-upload-kernel: Do not skip post-build-checks\n- cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).\n- cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (bsc#1210430).\n- cachefiles: Fix race between read_waiter and read_copier involving op->to_do (bsc#1210430).\n- cachefiles: Handle readpage error correctly (bsc#1210430).\n- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- cifs: fix open leaks in open_cached_dir() (bsc#1209342).\n- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).\n- crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).\n- drivers: net: lmc: fix case value for target abort error (git-fixes).\n- fscache, cachefiles: remove redundant variable 'cache' (bsc#1210430).\n- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).\n- intel_pmc_ipc: restore ability to call functions with irq enabled (git-fixes).\n- ipmi: fix SSIF not responding under certain cond (git-fixes).\n- iwlwifi: Fix -EIO error code that is never returned (git-fixes).\n- iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes).\n- iwlwifi: pcie: fix locking when 'HW not ready' (git-fixes).\n- iwlwifi: pcie: gen2: fix locking when 'HW not ready' (git-fixes).\n- iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).\n- kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).\n- kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).\n- keys: Change keyring_serialise_link_sem to a mutex (bsc#1207088).\n- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).\n- keys: Hoist locking out of __key_link_begin() (bsc#1207088).\n- kretprobe: Prevent triggering kretprobe from within kprobe_flush_task (git-fixes).\n- l2tp: clean up stale tunnel or session in pppol2tp_connect's error path (git-fixes).\n- l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect() (git-fixes).\n- l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).\n- net/ncsi: Do not return error on normal response (git-fixes).\n- net: axienet: Fix double deregister of mdio (git-fixes).\n- net: core: dst: Add kernel-doc for 'net' parameter (git-fixes).\n- net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for consistency (git-fixes).\n- net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (git-fixes).\n- net: prevent ISA drivers from building on PPC32 (git-fixes).\n- net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).\n- netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup() (git-fixes).\n- netfilter: x_tables: Add note about how to free percpu counters (git-fixes).\n- ntp: Limit TAI-UTC offset (git-fixes)\n- nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING (git-fixes).\n- nvme-pci: fix doorbell buffer value endianness (git-fixes).\n- nvme: retain split access workaround for capability reads (git-fixes).\n- platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function (git-fixes).\n- platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates (git-fixes).\n- powercap: fix possible name leak in powercap_register_zone() (git-fixes).\n- powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999 ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Limit possible nodes to within num_possible_nodes (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- printk: Give error on attempt to set log buffer length to over 2G (bsc#1210534).\n- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).\n- s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes).\n- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).\n- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).\n- sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).\n- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (git-fixes).\n- sctp: use the right sk after waking up from wait_buf sleep (git-fixes).\n- struct ci_hdrc: hide new member at end (git-fixes).\n- struct wmi_svc_avail_ev_arg: new member to end (git-fixes).\n- timekeeping: Prevent 32bit truncation in (git-fixes)\n- tuntap: fix dividing by zero in ebpf queue selection (git-fixes).\n- uprobes/x86: Fix detection of 32-bit user mode (git-fixes).\n- usb/ohci-platform: Fix a warning when hibernating (git-fixes).\n- usb: chipidea: core: fix possible concurrent when switch role (git-fixes).\n- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).\n- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).\n- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).\n- usb: host: ohci-pxa27x: Fix and & vs | typo (git-fixes).\n- usb: storage: Add check for kcalloc (git-fixes).\n- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (git-fixes).\n- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-fixes).\n- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).\n- workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).\n- workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#1210460).\n- wq: handle VM suspension in stall detection (bsc#1210466).\n- x86, boot: Remove multiple copy of static function sanitize_boot_params() (git-fixes).\n- x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines (git-fixes).\n- x86/apic: Handle missing global clockevent gracefully (git-fixes bsc#1142926).\n- x86/apic: Soft disable APIC before initializing it (git-fixes).\n- x86/boot/compressed: Disable relocation relaxation (git-fixes).\n- x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).\n- x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).\n- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).\n- x86/decoder: Add TEST opcode to Group3-2 (git-fixes).\n- x86/fpu: Prevent FPU state corruption (git-fixes).\n- x86/ioapic: Prevent inconsistent state when moving an interrupt (git-fixes).\n- x86/irq: Ensure PI wakeup handler is unregistered before module unload (git-fixes).\n- x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).\n- x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).\n- x86/lib/cpu: Address missing prototypes warning (git-fixes).\n- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).\n- x86/mce: Lower throttling MCE messages' priority to warning (git-fixes).\n- x86/mm: Stop printing BRK addresses (git-fixes).\n- x86/mm: Use the correct function type for native_set_fixmap() (git-fixes).\n- x86/pkeys: Add check for pkey 'overflow' (git-fixes).\n- x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails (git-fixes).\n- x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline (git-fixes).\n- x86/sysfb: Fix check for bad VRAM size (git-fixes).\n- x86/tools/relocs: Fix non-POSIX regexp (git-fixes).\n- x86/tools: Fix objdump version check again (git-fixes).\n- x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).\n- x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).\n- x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).\n- x86_64: Fix jiffies ODR violation (git-fixes).\n- xfrm: policy: use hlist rcu variants on insert (git-fixes).\n- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).\n- xhci: hide include of iommu.h (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2163,SUSE-SLE-HA-12-SP5-2023-2163,SUSE-SLE-Live-Patching-12-SP5-2023-2163,SUSE-SLE-SDK-12-SP5-2023-2163,SUSE-SLE-SERVER-12-SP5-2023-2163,SUSE-SLE-WE-12-SP5-2023-2163", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2163-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2163-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232163-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2163-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029351.html", }, { category: "self", summary: "SUSE Bug 1142685", url: "https://bugzilla.suse.com/1142685", }, { category: "self", summary: "SUSE Bug 1142926", url: "https://bugzilla.suse.com/1142926", }, { category: "self", summary: "SUSE Bug 1174777", url: "https://bugzilla.suse.com/1174777", }, { category: "self", summary: "SUSE Bug 1190544", url: "https://bugzilla.suse.com/1190544", }, { category: "self", summary: "SUSE Bug 1202353", url: "https://bugzilla.suse.com/1202353", }, { category: "self", summary: "SUSE Bug 1205128", url: "https://bugzilla.suse.com/1205128", }, { category: "self", summary: "SUSE Bug 1207088", url: "https://bugzilla.suse.com/1207088", }, { category: "self", summary: "SUSE Bug 1209342", url: "https://bugzilla.suse.com/1209342", }, { category: "self", summary: "SUSE Bug 1209687", url: "https://bugzilla.suse.com/1209687", }, { category: "self", summary: "SUSE Bug 1209777", url: "https://bugzilla.suse.com/1209777", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1209887", url: "https://bugzilla.suse.com/1209887", }, { category: "self", summary: "SUSE Bug 1209969", url: "https://bugzilla.suse.com/1209969", }, { category: "self", summary: "SUSE Bug 1209999", url: "https://bugzilla.suse.com/1209999", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210430", url: "https://bugzilla.suse.com/1210430", }, { category: "self", summary: "SUSE Bug 1210460", url: "https://bugzilla.suse.com/1210460", }, { category: "self", summary: "SUSE Bug 1210466", url: "https://bugzilla.suse.com/1210466", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210498", url: "https://bugzilla.suse.com/1210498", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210534", url: "https://bugzilla.suse.com/1210534", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE Bug 1210827", url: "https://bugzilla.suse.com/1210827", }, { category: "self", summary: "SUSE Bug 1211037", url: "https://bugzilla.suse.com/1211037", }, { category: "self", summary: "SUSE CVE CVE-2020-36691 page", url: "https://www.suse.com/security/cve/CVE-2020-36691/", }, { category: "self", summary: "SUSE CVE CVE-2022-43945 page", url: "https://www.suse.com/security/cve/CVE-2022-43945/", }, { category: "self", summary: "SUSE CVE CVE-2023-1611 page", url: "https://www.suse.com/security/cve/CVE-2023-1611/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-2483 page", url: "https://www.suse.com/security/cve/CVE-2023-2483/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-10T17:34:44Z", generator: { date: "2023-05-10T17:34:44Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2163-1", initial_release_date: "2023-05-10T17:34:44Z", revision_history: [ { date: "2023-05-10T17:34:44Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-122.159.1.aarch64", product: { name: "cluster-md-kmp-default-4.12.14-122.159.1.aarch64", product_id: "cluster-md-kmp-default-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-122.159.1.aarch64", product: { name: "dlm-kmp-default-4.12.14-122.159.1.aarch64", product_id: "dlm-kmp-default-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-122.159.1.aarch64", product: { name: "gfs2-kmp-default-4.12.14-122.159.1.aarch64", product_id: "gfs2-kmp-default-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.12.14-122.159.1.aarch64", product: { name: "kernel-default-4.12.14-122.159.1.aarch64", product_id: "kernel-default-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-122.159.1.aarch64", product: { name: "kernel-default-base-4.12.14-122.159.1.aarch64", product_id: "kernel-default-base-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-122.159.1.aarch64", product: { name: "kernel-default-devel-4.12.14-122.159.1.aarch64", product_id: "kernel-default-devel-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-122.159.1.aarch64", product: { name: "kernel-default-extra-4.12.14-122.159.1.aarch64", product_id: "kernel-default-extra-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-122.159.1.aarch64", product: { name: "kernel-default-kgraft-4.12.14-122.159.1.aarch64", product_id: "kernel-default-kgraft-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-devel-4.12.14-122.159.1.aarch64", product: { name: "kernel-default-kgraft-devel-4.12.14-122.159.1.aarch64", product_id: "kernel-default-kgraft-devel-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-122.159.1.aarch64", product: { name: "kernel-obs-build-4.12.14-122.159.1.aarch64", product_id: "kernel-obs-build-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-122.159.1.aarch64", product: { name: "kernel-obs-qa-4.12.14-122.159.1.aarch64", product_id: "kernel-obs-qa-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-122.159.1.aarch64", product: { name: "kernel-syms-4.12.14-122.159.1.aarch64", product_id: "kernel-syms-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-122.159.1.aarch64", product: { name: "kernel-vanilla-4.12.14-122.159.1.aarch64", product_id: "kernel-vanilla-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-122.159.1.aarch64", product: { name: "kernel-vanilla-base-4.12.14-122.159.1.aarch64", product_id: "kernel-vanilla-base-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-122.159.1.aarch64", product: { name: "kernel-vanilla-devel-4.12.14-122.159.1.aarch64", product_id: "kernel-vanilla-devel-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.aarch64", product: { name: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.aarch64", product_id: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-122.159.1.aarch64", product: { name: "kselftests-kmp-default-4.12.14-122.159.1.aarch64", product_id: "kselftests-kmp-default-4.12.14-122.159.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-122.159.1.aarch64", product: { name: "ocfs2-kmp-default-4.12.14-122.159.1.aarch64", product_id: "ocfs2-kmp-default-4.12.14-122.159.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-122.159.1.noarch", product: { name: "kernel-devel-4.12.14-122.159.1.noarch", product_id: "kernel-devel-4.12.14-122.159.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-122.159.1.noarch", product: { name: "kernel-docs-4.12.14-122.159.1.noarch", product_id: "kernel-docs-4.12.14-122.159.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.12.14-122.159.1.noarch", product: { name: "kernel-docs-html-4.12.14-122.159.1.noarch", product_id: "kernel-docs-html-4.12.14-122.159.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-122.159.1.noarch", product: { name: "kernel-macros-4.12.14-122.159.1.noarch", product_id: "kernel-macros-4.12.14-122.159.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-122.159.1.noarch", product: { name: "kernel-source-4.12.14-122.159.1.noarch", product_id: "kernel-source-4.12.14-122.159.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.12.14-122.159.1.noarch", product: { name: "kernel-source-vanilla-4.12.14-122.159.1.noarch", product_id: "kernel-source-vanilla-4.12.14-122.159.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", product: { name: "cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", product_id: "cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-122.159.1.ppc64le", product: { name: "dlm-kmp-default-4.12.14-122.159.1.ppc64le", product_id: "dlm-kmp-default-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-122.159.1.ppc64le", product: { name: "gfs2-kmp-default-4.12.14-122.159.1.ppc64le", product_id: "gfs2-kmp-default-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.12.14-122.159.1.ppc64le", product: { name: "kernel-debug-4.12.14-122.159.1.ppc64le", product_id: "kernel-debug-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-122.159.1.ppc64le", product: { name: "kernel-debug-base-4.12.14-122.159.1.ppc64le", product_id: "kernel-debug-base-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-122.159.1.ppc64le", product: { name: "kernel-debug-devel-4.12.14-122.159.1.ppc64le", product_id: "kernel-debug-devel-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-kgraft-devel-4.12.14-122.159.1.ppc64le", product: { name: "kernel-debug-kgraft-devel-4.12.14-122.159.1.ppc64le", product_id: "kernel-debug-kgraft-devel-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.12.14-122.159.1.ppc64le", product: { name: "kernel-default-4.12.14-122.159.1.ppc64le", product_id: "kernel-default-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-122.159.1.ppc64le", product: { name: "kernel-default-base-4.12.14-122.159.1.ppc64le", product_id: "kernel-default-base-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-122.159.1.ppc64le", product: { name: "kernel-default-devel-4.12.14-122.159.1.ppc64le", product_id: "kernel-default-devel-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-122.159.1.ppc64le", product: { name: "kernel-default-extra-4.12.14-122.159.1.ppc64le", product_id: "kernel-default-extra-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-122.159.1.ppc64le", product: { name: "kernel-default-kgraft-4.12.14-122.159.1.ppc64le", product_id: "kernel-default-kgraft-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", product: { name: "kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", product_id: "kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-122.159.1.ppc64le", product: { name: "kernel-obs-build-4.12.14-122.159.1.ppc64le", product_id: "kernel-obs-build-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-122.159.1.ppc64le", product: { name: "kernel-obs-qa-4.12.14-122.159.1.ppc64le", product_id: "kernel-obs-qa-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.12.14-122.159.1.ppc64le", product: { name: "kernel-syms-4.12.14-122.159.1.ppc64le", product_id: "kernel-syms-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-122.159.1.ppc64le", product: { name: "kernel-vanilla-4.12.14-122.159.1.ppc64le", product_id: "kernel-vanilla-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-122.159.1.ppc64le", product: { name: "kernel-vanilla-base-4.12.14-122.159.1.ppc64le", product_id: "kernel-vanilla-base-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-122.159.1.ppc64le", product: { name: "kernel-vanilla-devel-4.12.14-122.159.1.ppc64le", product_id: "kernel-vanilla-devel-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.ppc64le", product: { name: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.ppc64le", product_id: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", product: { name: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", product_id: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-122.159.1.ppc64le", product: { name: "kselftests-kmp-default-4.12.14-122.159.1.ppc64le", product_id: "kselftests-kmp-default-4.12.14-122.159.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", product: { name: "ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", product_id: "ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-122.159.1.s390x", product: { name: "cluster-md-kmp-default-4.12.14-122.159.1.s390x", product_id: "cluster-md-kmp-default-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-122.159.1.s390x", product: { name: "dlm-kmp-default-4.12.14-122.159.1.s390x", product_id: "dlm-kmp-default-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-122.159.1.s390x", product: { name: "gfs2-kmp-default-4.12.14-122.159.1.s390x", product_id: "gfs2-kmp-default-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.12.14-122.159.1.s390x", product: { name: "kernel-default-4.12.14-122.159.1.s390x", product_id: "kernel-default-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-122.159.1.s390x", product: { name: "kernel-default-base-4.12.14-122.159.1.s390x", product_id: "kernel-default-base-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-122.159.1.s390x", product: { name: "kernel-default-devel-4.12.14-122.159.1.s390x", product_id: "kernel-default-devel-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-122.159.1.s390x", product: { name: "kernel-default-extra-4.12.14-122.159.1.s390x", product_id: "kernel-default-extra-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-122.159.1.s390x", product: { name: "kernel-default-kgraft-4.12.14-122.159.1.s390x", product_id: "kernel-default-kgraft-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", product: { name: "kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", product_id: "kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.12.14-122.159.1.s390x", product: { name: "kernel-default-man-4.12.14-122.159.1.s390x", product_id: "kernel-default-man-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-122.159.1.s390x", product: { name: "kernel-obs-build-4.12.14-122.159.1.s390x", product_id: "kernel-obs-build-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-122.159.1.s390x", product: { name: "kernel-obs-qa-4.12.14-122.159.1.s390x", product_id: "kernel-obs-qa-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.12.14-122.159.1.s390x", product: { name: "kernel-syms-4.12.14-122.159.1.s390x", product_id: "kernel-syms-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-122.159.1.s390x", product: { name: "kernel-vanilla-4.12.14-122.159.1.s390x", product_id: "kernel-vanilla-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-122.159.1.s390x", product: { name: "kernel-vanilla-base-4.12.14-122.159.1.s390x", product_id: "kernel-vanilla-base-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-122.159.1.s390x", product: { name: "kernel-vanilla-devel-4.12.14-122.159.1.s390x", product_id: "kernel-vanilla-devel-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.s390x", product: { name: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.s390x", product_id: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.12.14-122.159.1.s390x", product: { name: "kernel-zfcpdump-4.12.14-122.159.1.s390x", product_id: "kernel-zfcpdump-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-man-4.12.14-122.159.1.s390x", product: { name: "kernel-zfcpdump-man-4.12.14-122.159.1.s390x", product_id: "kernel-zfcpdump-man-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", product: { name: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", product_id: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-122.159.1.s390x", product: { name: "kselftests-kmp-default-4.12.14-122.159.1.s390x", product_id: "kselftests-kmp-default-4.12.14-122.159.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-122.159.1.s390x", product: { name: "ocfs2-kmp-default-4.12.14-122.159.1.s390x", product_id: "ocfs2-kmp-default-4.12.14-122.159.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-122.159.1.x86_64", product: { name: "cluster-md-kmp-default-4.12.14-122.159.1.x86_64", product_id: "cluster-md-kmp-default-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-122.159.1.x86_64", product: { name: "dlm-kmp-default-4.12.14-122.159.1.x86_64", product_id: "dlm-kmp-default-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-122.159.1.x86_64", product: { name: "gfs2-kmp-default-4.12.14-122.159.1.x86_64", product_id: "gfs2-kmp-default-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.12.14-122.159.1.x86_64", product: { name: "kernel-debug-4.12.14-122.159.1.x86_64", product_id: "kernel-debug-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-122.159.1.x86_64", product: { name: "kernel-debug-base-4.12.14-122.159.1.x86_64", product_id: "kernel-debug-base-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-122.159.1.x86_64", product: { name: "kernel-debug-devel-4.12.14-122.159.1.x86_64", product_id: "kernel-debug-devel-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-kgraft-devel-4.12.14-122.159.1.x86_64", product: { name: "kernel-debug-kgraft-devel-4.12.14-122.159.1.x86_64", product_id: "kernel-debug-kgraft-devel-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.12.14-122.159.1.x86_64", product: { name: "kernel-default-4.12.14-122.159.1.x86_64", product_id: "kernel-default-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-122.159.1.x86_64", product: { name: "kernel-default-base-4.12.14-122.159.1.x86_64", product_id: "kernel-default-base-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-122.159.1.x86_64", product: { name: "kernel-default-devel-4.12.14-122.159.1.x86_64", product_id: "kernel-default-devel-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-122.159.1.x86_64", product: { name: "kernel-default-extra-4.12.14-122.159.1.x86_64", product_id: "kernel-default-extra-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.12.14-122.159.1.x86_64", product: { name: "kernel-default-kgraft-4.12.14-122.159.1.x86_64", product_id: "kernel-default-kgraft-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", product: { name: "kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", product_id: "kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-4.12.14-122.159.1.x86_64", product: { name: "kernel-kvmsmall-4.12.14-122.159.1.x86_64", product_id: "kernel-kvmsmall-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-base-4.12.14-122.159.1.x86_64", product: { name: "kernel-kvmsmall-base-4.12.14-122.159.1.x86_64", product_id: "kernel-kvmsmall-base-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-4.12.14-122.159.1.x86_64", product: { name: "kernel-kvmsmall-devel-4.12.14-122.159.1.x86_64", product_id: "kernel-kvmsmall-devel-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-kgraft-devel-4.12.14-122.159.1.x86_64", product: { name: "kernel-kvmsmall-kgraft-devel-4.12.14-122.159.1.x86_64", product_id: "kernel-kvmsmall-kgraft-devel-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-122.159.1.x86_64", product: { name: "kernel-obs-build-4.12.14-122.159.1.x86_64", product_id: "kernel-obs-build-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-122.159.1.x86_64", product: { name: "kernel-obs-qa-4.12.14-122.159.1.x86_64", product_id: "kernel-obs-qa-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-122.159.1.x86_64", product: { name: "kernel-syms-4.12.14-122.159.1.x86_64", product_id: "kernel-syms-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-122.159.1.x86_64", product: { name: "kernel-vanilla-4.12.14-122.159.1.x86_64", product_id: "kernel-vanilla-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-122.159.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-122.159.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-122.159.1.x86_64", product: { name: "kernel-vanilla-devel-4.12.14-122.159.1.x86_64", product_id: "kernel-vanilla-devel-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.x86_64", product: { name: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.x86_64", product_id: "kernel-vanilla-kgraft-devel-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", product: { name: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", product_id: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-122.159.1.x86_64", product: { name: "kselftests-kmp-default-4.12.14-122.159.1.x86_64", product_id: "kselftests-kmp-default-4.12.14-122.159.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-122.159.1.x86_64", product: { name: "ocfs2-kmp-default-4.12.14-122.159.1.x86_64", product_id: "ocfs2-kmp-default-4.12.14-122.159.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP5", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 12 SP5", product: { name: "SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-live-patching:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP5", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP5", product: { name: "SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 12 SP5", product: { name: "SUSE Linux Enterprise Workstation Extension 12 SP5", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:12:sp5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", }, product_reference: "cluster-md-kmp-default-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", }, product_reference: "dlm-kmp-default-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", }, product_reference: "dlm-kmp-default-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", }, product_reference: "dlm-kmp-default-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", }, product_reference: "gfs2-kmp-default-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", }, product_reference: "gfs2-kmp-default-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", }, product_reference: "ocfs2-kmp-default-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-default-kgraft-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-kgraft-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-default-kgraft-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-devel-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", }, product_reference: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", }, product_reference: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5", product_id: "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", }, product_reference: "kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-122.159.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", }, product_reference: "kernel-docs-4.12.14-122.159.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-122.159.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", }, product_reference: "kernel-obs-build-4.12.14-122.159.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-obs-build-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", }, product_reference: "kernel-obs-build-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-122.159.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", }, product_reference: "kernel-default-4.12.14-122.159.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-default-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-default-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-122.159.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-122.159.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-base-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-122.159.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-122.159.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-man-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-122.159.1.noarch as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", }, product_reference: "kernel-devel-4.12.14-122.159.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-122.159.1.noarch as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", }, product_reference: "kernel-macros-4.12.14-122.159.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-122.159.1.noarch as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", }, product_reference: "kernel-source-4.12.14-122.159.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-122.159.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", }, product_reference: "kernel-syms-4.12.14-122.159.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", }, product_reference: "kernel-syms-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-syms-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-122.159.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", }, product_reference: "kernel-default-4.12.14-122.159.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-default-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-default-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-122.159.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-122.159.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-base-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-122.159.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-122.159.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", }, product_reference: "kernel-default-man-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-122.159.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", }, product_reference: "kernel-devel-4.12.14-122.159.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-122.159.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", }, product_reference: "kernel-macros-4.12.14-122.159.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-122.159.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", }, product_reference: "kernel-source-4.12.14-122.159.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-122.159.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", }, product_reference: "kernel-syms-4.12.14-122.159.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-122.159.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-122.159.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-122.159.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", }, product_reference: "kernel-syms-4.12.14-122.159.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-syms-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.12.14-122.159.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP5", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", }, product_reference: "kernel-default-extra-4.12.14-122.159.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 12 SP5", }, ], }, vulnerabilities: [ { cve: "CVE-2020-36691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36691", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-36691", url: "https://www.suse.com/security/cve/CVE-2020-36691", }, { category: "external", summary: "SUSE Bug 1209613 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209613", }, { category: "external", summary: "SUSE Bug 1209777 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2020-36691", }, { cve: "CVE-2022-43945", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-43945", }, ], notes: [ { category: "general", text: "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-43945", url: "https://www.suse.com/security/cve/CVE-2022-43945", }, { category: "external", summary: "SUSE Bug 1205128 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205128", }, { category: "external", summary: "SUSE Bug 1205130 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205130", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208085", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-43945", url: "https://bugzilla.suse.com/1209225", }, { category: "external", summary: "SUSE Bug 1210124 for CVE-2022-43945", url: "https://bugzilla.suse.com/1210124", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "important", }, ], title: "CVE-2022-43945", }, { cve: "CVE-2023-1611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1611", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1611", url: "https://www.suse.com/security/cve/CVE-2023-1611", }, { category: "external", summary: "SUSE Bug 1209687 for CVE-2023-1611", url: "https://bugzilla.suse.com/1209687", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-2483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2483", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-33203. Reason: This candidate is a reservation duplicate of CVE-2023-33203. Notes: All CVE users should reference CVE-2023-33203 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2483", url: "https://www.suse.com/security/cve/CVE-2023-2483", }, { category: "external", summary: "SUSE Bug 1211037 for CVE-2023-2483", url: "https://bugzilla.suse.com/1211037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2023-2483", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.s390x", "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_159-default-1-8.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.159.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.159.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.159.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-10T17:34:44Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2805-1
Vulnerability from csaf_suse
Published
2023-07-11 04:31
Modified
2023-07-11 04:31
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).
- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).
- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).
- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).
- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208600).
- CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).
- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).
- CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).
- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-2124: Fixed an out-of-bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).
- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
- CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c (bsc#1209052).
- CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).
- CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).
- CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940).
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).
- CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
- CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).
The following non-security bugs were fixed:
- Do not sign the vanilla kernel (bsc#1209008).
- Drop dvb-core fix patch due to regression (bsc#1205758).
- Revert CVE-2018-20784 due to regression (bsc#1126703).
- binfmt_elf: Take the mmap lock when walking the VMA list (bsc#1209039 CVE-2023-1249).
- bluetooth: Fix double free in hci_conn_cleanup (bsc#1209052 CVE-2023-28464).
- bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (CVE-2023-1989 bsc#1210336).
- btrfs: fix race between quota disable and quota assign ioctls (CVE-2023-1611 bsc#1209687).
- do not fallthrough in cbq_classify and stop on TC_ACT_SHOT (bsc#1207036 CVE-2023-23454 bsc#1207125 CVE-2023-23455).
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
- ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878 bsc#1211105 CVE-2023-2513).
- fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).
- firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).
- fix a mistake in the CVE-2023-0590 / bsc#1207795 backport
- i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (bsc#1210715 CVE-2023-2194).
- ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).
- ipvlan:Fix out-of-bounds caused by unclear skb->cb (bsc#1212842 CVE-2023-3090).
- kernel/sys.c: fix potential Spectre v1 issue (bsc#1209256 CVE-2017-5753).
- kvm: initialize all of the kvm_debugregs structure before sending it to userspace (bsc#1209532 CVE-2023-1513).
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).
- media: dvb-core: Fix use-after-free due on race condition at dvb_net (CVE-2022-45886 bsc#1205760).
- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (CVE-2022-45884 bsc#1205756).
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).
- media: dvb-core: Fix use-after-free on race condition at dvb_frontend (CVE-2022-45885 bsc#1205758).
- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (bsc#1209291 CVE-2023-28328).
- media: dvb_frontend: kABI workaround (CVE-2022-45885 bsc#1205758).
- media: dvb_net: kABI workaround (CVE-2022-45886 bsc#1205760).
- media: dvbdev: fix error logic at dvb_register_device() (CVE-2022-45884 bsc#1205756).
- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (CVE-2023-1118 bsc#1208837).
- media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() (CVE-2022-45887 bsc#1205762).
- memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).
- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (bsc#1210940 CVE-2023-31436).
- netfilter: nf_tables: fix null deref due to zeroed list head (CVE-2023-1095 bsc#1208777).
- netrom: Fix use-after-free caused by accept on already connected socket (bsc#1211186 CVE-2023-32269).
- nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition (git-fixes bsc#1210337 CVE-2023-1990).
- power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (CVE-2023-30772 bsc#1210329).
- prlimit: do_prlimit needs to have a speculation check (bsc#1209256 CVE-2017-5753).
- sched/rt: pick_next_rt_entity(): check list_entry (bsc#1208600 CVE-2023-1077).
- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (bsc#1210647 CVE-2023-2162).
- seq_buf: Fix overflow in seq_buf_putmem_hex() (bsc#1209549 CVE-2023-28772).
- tcp: Fix data races around icsk->icsk_af_ops (bsc#1204405 CVE-2022-3566).
- tipc: fix NULL deref in tipc_link_xmit() (bsc#1209289 CVE-2023-1390).
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (bsc#1209287 CVE-2023-1380).
- x86/speculation: Allow enabling STIBP with legacy IBRS (bsc#1210506 CVE-2023-1998).
- xfs: verify buffer contents when we skip log replay (bsc#1210498 CVE-2023-2124).
- xirc2ps_cs: Fix use after free bug in xirc2ps_detach (bsc#1209871 CVE-2023-1670).
Patchnames
SUSE-2023-2805,SUSE-SLE-SERVER-12-SP2-BCL-2023-2805
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).\n- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).\n- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).\n- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).\n- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).\n- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).\n- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208600).\n- CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).\n- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).\n- CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).\n- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-2124: Fixed an out-of-bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).\n- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).\n- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).\n- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).\n- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).\n- CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c (bsc#1209052).\n- CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).\n- CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).\n- CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).\n- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940).\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).\n- CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).\n- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).\n- CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).\n\nThe following non-security bugs were fixed:\n\n- Do not sign the vanilla kernel (bsc#1209008).\n- Drop dvb-core fix patch due to regression (bsc#1205758).\n- Revert CVE-2018-20784 due to regression (bsc#1126703).\n- binfmt_elf: Take the mmap lock when walking the VMA list (bsc#1209039 CVE-2023-1249).\n- bluetooth: Fix double free in hci_conn_cleanup (bsc#1209052 CVE-2023-28464).\n- bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (CVE-2023-1989 bsc#1210336).\n- btrfs: fix race between quota disable and quota assign ioctls (CVE-2023-1611 bsc#1209687).\n- do not fallthrough in cbq_classify and stop on TC_ACT_SHOT (bsc#1207036 CVE-2023-23454 bsc#1207125 CVE-2023-23455).\n- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).\n- ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878 bsc#1211105 CVE-2023-2513).\n- fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).\n- firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).\n- fix a mistake in the CVE-2023-0590 / bsc#1207795 backport\n- i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (bsc#1210715 CVE-2023-2194).\n- ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).\n- ipvlan:Fix out-of-bounds caused by unclear skb->cb (bsc#1212842 CVE-2023-3090).\n- kernel/sys.c: fix potential Spectre v1 issue (bsc#1209256 CVE-2017-5753).\n- kvm: initialize all of the kvm_debugregs structure before sending it to userspace (bsc#1209532 CVE-2023-1513).\n- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).\n- media: dvb-core: Fix use-after-free due on race condition at dvb_net (CVE-2022-45886 bsc#1205760).\n- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (CVE-2022-45884 bsc#1205756).\n- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).\n- media: dvb-core: Fix use-after-free on race condition at dvb_frontend (CVE-2022-45885 bsc#1205758).\n- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (bsc#1209291 CVE-2023-28328).\n- media: dvb_frontend: kABI workaround (CVE-2022-45885 bsc#1205758).\n- media: dvb_net: kABI workaround (CVE-2022-45886 bsc#1205760).\n- media: dvbdev: fix error logic at dvb_register_device() (CVE-2022-45884 bsc#1205756).\n- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (CVE-2023-1118 bsc#1208837).\n- media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() (CVE-2022-45887 bsc#1205762).\n- memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).\n- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (bsc#1210940 CVE-2023-31436).\n- netfilter: nf_tables: fix null deref due to zeroed list head (CVE-2023-1095 bsc#1208777).\n- netrom: Fix use-after-free caused by accept on already connected socket (bsc#1211186 CVE-2023-32269).\n- nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition (git-fixes bsc#1210337 CVE-2023-1990).\n- power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (CVE-2023-30772 bsc#1210329).\n- prlimit: do_prlimit needs to have a speculation check (bsc#1209256 CVE-2017-5753).\n- sched/rt: pick_next_rt_entity(): check list_entry (bsc#1208600 CVE-2023-1077).\n- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (bsc#1210647 CVE-2023-2162).\n- seq_buf: Fix overflow in seq_buf_putmem_hex() (bsc#1209549 CVE-2023-28772).\n- tcp: Fix data races around icsk->icsk_af_ops (bsc#1204405 CVE-2022-3566).\n- tipc: fix NULL deref in tipc_link_xmit() (bsc#1209289 CVE-2023-1390).\n- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (bsc#1209287 CVE-2023-1380).\n- x86/speculation: Allow enabling STIBP with legacy IBRS (bsc#1210506 CVE-2023-1998).\n- xfs: verify buffer contents when we skip log replay (bsc#1210498 CVE-2023-2124).\n- xirc2ps_cs: Fix use after free bug in xirc2ps_detach (bsc#1209871 CVE-2023-1670).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2805,SUSE-SLE-SERVER-12-SP2-BCL-2023-2805", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2805-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2805-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232805-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2805-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015468.html", }, { category: "self", summary: "SUSE Bug 1126703", url: "https://bugzilla.suse.com/1126703", }, { category: "self", summary: "SUSE Bug 1204405", url: "https://bugzilla.suse.com/1204405", }, { category: "self", summary: "SUSE Bug 1205756", url: "https://bugzilla.suse.com/1205756", }, { category: "self", summary: "SUSE Bug 1205758", url: "https://bugzilla.suse.com/1205758", }, { category: "self", summary: "SUSE Bug 1205760", url: "https://bugzilla.suse.com/1205760", }, { category: "self", summary: "SUSE Bug 1205762", url: "https://bugzilla.suse.com/1205762", }, { category: "self", summary: "SUSE Bug 1205803", url: "https://bugzilla.suse.com/1205803", }, { category: "self", summary: "SUSE Bug 1206878", url: "https://bugzilla.suse.com/1206878", }, { category: "self", summary: "SUSE Bug 1207036", url: "https://bugzilla.suse.com/1207036", }, { category: "self", summary: "SUSE Bug 1207125", url: "https://bugzilla.suse.com/1207125", }, { category: "self", summary: "SUSE Bug 1207168", url: "https://bugzilla.suse.com/1207168", }, { category: "self", summary: "SUSE Bug 1207795", url: "https://bugzilla.suse.com/1207795", }, { category: "self", summary: "SUSE Bug 1208600", url: "https://bugzilla.suse.com/1208600", }, { category: "self", summary: "SUSE Bug 1208777", url: "https://bugzilla.suse.com/1208777", }, { category: "self", summary: "SUSE Bug 1208837", url: "https://bugzilla.suse.com/1208837", }, { category: "self", summary: "SUSE Bug 1209008", url: "https://bugzilla.suse.com/1209008", }, { category: "self", summary: "SUSE Bug 1209039", url: "https://bugzilla.suse.com/1209039", }, { category: "self", summary: "SUSE Bug 1209052", url: "https://bugzilla.suse.com/1209052", }, { category: "self", summary: "SUSE Bug 1209256", url: "https://bugzilla.suse.com/1209256", }, { category: "self", summary: "SUSE Bug 1209287", url: "https://bugzilla.suse.com/1209287", }, { category: "self", summary: "SUSE Bug 1209289", url: "https://bugzilla.suse.com/1209289", }, { category: "self", summary: "SUSE Bug 1209291", url: "https://bugzilla.suse.com/1209291", }, { category: "self", summary: "SUSE Bug 1209532", url: "https://bugzilla.suse.com/1209532", }, { category: "self", summary: "SUSE Bug 1209549", url: "https://bugzilla.suse.com/1209549", }, { category: "self", summary: "SUSE Bug 1209687", url: "https://bugzilla.suse.com/1209687", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210498", url: "https://bugzilla.suse.com/1210498", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE Bug 1210715", url: "https://bugzilla.suse.com/1210715", }, { category: "self", summary: "SUSE Bug 1210940", url: "https://bugzilla.suse.com/1210940", }, { category: "self", summary: "SUSE Bug 1211105", url: "https://bugzilla.suse.com/1211105", }, { category: "self", summary: "SUSE Bug 1211186", url: "https://bugzilla.suse.com/1211186", }, { category: "self", summary: "SUSE Bug 1211449", url: "https://bugzilla.suse.com/1211449", }, { category: "self", summary: "SUSE Bug 1212128", url: "https://bugzilla.suse.com/1212128", }, { category: "self", summary: "SUSE Bug 1212129", url: "https://bugzilla.suse.com/1212129", }, { category: "self", summary: "SUSE Bug 1212154", url: "https://bugzilla.suse.com/1212154", }, { category: "self", summary: "SUSE Bug 1212501", url: "https://bugzilla.suse.com/1212501", }, { category: "self", summary: "SUSE Bug 1212842", url: "https://bugzilla.suse.com/1212842", }, { category: "self", summary: "SUSE CVE CVE-2017-5753 page", url: "https://www.suse.com/security/cve/CVE-2017-5753/", }, { category: "self", summary: "SUSE CVE CVE-2018-20784 page", url: "https://www.suse.com/security/cve/CVE-2018-20784/", }, { category: "self", summary: "SUSE CVE CVE-2022-3566 page", url: "https://www.suse.com/security/cve/CVE-2022-3566/", }, { category: "self", summary: "SUSE CVE CVE-2022-45884 page", url: "https://www.suse.com/security/cve/CVE-2022-45884/", }, { category: "self", summary: "SUSE CVE CVE-2022-45885 page", url: "https://www.suse.com/security/cve/CVE-2022-45885/", }, { category: "self", summary: "SUSE CVE CVE-2022-45886 page", url: "https://www.suse.com/security/cve/CVE-2022-45886/", }, { category: "self", summary: "SUSE CVE CVE-2022-45887 page", url: "https://www.suse.com/security/cve/CVE-2022-45887/", }, { category: "self", summary: "SUSE CVE CVE-2022-45919 page", url: "https://www.suse.com/security/cve/CVE-2022-45919/", }, { category: "self", summary: "SUSE CVE CVE-2023-0590 page", url: "https://www.suse.com/security/cve/CVE-2023-0590/", }, { category: "self", summary: "SUSE CVE CVE-2023-1077 page", url: "https://www.suse.com/security/cve/CVE-2023-1077/", }, { category: "self", summary: "SUSE CVE CVE-2023-1095 page", url: "https://www.suse.com/security/cve/CVE-2023-1095/", }, { category: "self", summary: "SUSE CVE CVE-2023-1118 page", url: "https://www.suse.com/security/cve/CVE-2023-1118/", }, { category: "self", summary: "SUSE CVE CVE-2023-1249 page", url: "https://www.suse.com/security/cve/CVE-2023-1249/", }, { category: "self", summary: "SUSE CVE CVE-2023-1380 page", url: "https://www.suse.com/security/cve/CVE-2023-1380/", }, { category: "self", summary: "SUSE CVE CVE-2023-1390 page", url: "https://www.suse.com/security/cve/CVE-2023-1390/", }, { category: "self", summary: "SUSE CVE CVE-2023-1513 page", url: "https://www.suse.com/security/cve/CVE-2023-1513/", }, { category: "self", summary: "SUSE CVE CVE-2023-1611 page", url: "https://www.suse.com/security/cve/CVE-2023-1611/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-2194 page", url: "https://www.suse.com/security/cve/CVE-2023-2194/", }, { category: "self", summary: "SUSE CVE CVE-2023-23454 page", url: "https://www.suse.com/security/cve/CVE-2023-23454/", }, { category: "self", summary: "SUSE CVE CVE-2023-23455 page", url: "https://www.suse.com/security/cve/CVE-2023-23455/", }, { category: "self", summary: "SUSE CVE CVE-2023-2513 page", url: "https://www.suse.com/security/cve/CVE-2023-2513/", }, { category: "self", summary: "SUSE CVE CVE-2023-28328 page", url: "https://www.suse.com/security/cve/CVE-2023-28328/", }, { category: "self", summary: "SUSE CVE CVE-2023-28464 page", url: "https://www.suse.com/security/cve/CVE-2023-28464/", }, { category: "self", summary: "SUSE CVE CVE-2023-28772 page", url: "https://www.suse.com/security/cve/CVE-2023-28772/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, { category: "self", summary: "SUSE CVE CVE-2023-3090 page", url: "https://www.suse.com/security/cve/CVE-2023-3090/", }, { category: "self", summary: "SUSE CVE CVE-2023-3141 page", url: "https://www.suse.com/security/cve/CVE-2023-3141/", }, { category: "self", summary: "SUSE CVE CVE-2023-31436 page", url: "https://www.suse.com/security/cve/CVE-2023-31436/", }, { category: "self", summary: "SUSE CVE CVE-2023-3159 page", url: "https://www.suse.com/security/cve/CVE-2023-3159/", }, { category: "self", summary: "SUSE CVE CVE-2023-3161 page", url: "https://www.suse.com/security/cve/CVE-2023-3161/", }, { category: "self", summary: "SUSE CVE CVE-2023-32269 page", url: "https://www.suse.com/security/cve/CVE-2023-32269/", }, { category: "self", summary: "SUSE CVE CVE-2023-35824 page", url: "https://www.suse.com/security/cve/CVE-2023-35824/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-07-11T04:31:55Z", generator: { date: "2023-07-11T04:31:55Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2805-1", initial_release_date: "2023-07-11T04:31:55Z", revision_history: [ { date: "2023-07-11T04:31:55Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "cluster-md-kmp-default-4.4.121-92.205.1.aarch64", product_id: "cluster-md-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "cluster-md-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "cluster-network-kmp-default-4.4.121-92.205.1.aarch64", product_id: "cluster-network-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "cluster-network-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "dlm-kmp-default-4.4.121-92.205.1.aarch64", product_id: "dlm-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "dlm-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "dlm-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "gfs2-kmp-default-4.4.121-92.205.1.aarch64", product_id: "gfs2-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "gfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "gfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-4.4.121-92.205.1.aarch64", product_id: "kernel-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-base-4.4.121-92.205.1.aarch64", product_id: "kernel-default-base-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-devel-4.4.121-92.205.1.aarch64", product_id: "kernel-default-devel-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-extra-4.4.121-92.205.1.aarch64", product_id: "kernel-default-extra-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-kgraft-4.4.121-92.205.1.aarch64", product_id: "kernel-default-kgraft-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.205.1.aarch64", product: { name: "kernel-obs-build-4.4.121-92.205.1.aarch64", product_id: "kernel-obs-build-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.205.1.aarch64", product: { name: "kernel-obs-qa-4.4.121-92.205.1.aarch64", product_id: "kernel-obs-qa-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.205.1.aarch64", product: { name: "kernel-syms-4.4.121-92.205.1.aarch64", product_id: "kernel-syms-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.205.1.aarch64", product: { name: "kernel-vanilla-4.4.121-92.205.1.aarch64", product_id: "kernel-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.205.1.aarch64", product: { name: "kernel-vanilla-base-4.4.121-92.205.1.aarch64", product_id: "kernel-vanilla-base-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.205.1.aarch64", product: { name: "kernel-vanilla-devel-4.4.121-92.205.1.aarch64", product_id: "kernel-vanilla-devel-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "ocfs2-kmp-default-4.4.121-92.205.1.aarch64", product_id: "ocfs2-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "ocfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.4.121-92.205.1.noarch", product: { name: "kernel-devel-4.4.121-92.205.1.noarch", product_id: "kernel-devel-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.4.121-92.205.1.noarch", product: { name: "kernel-docs-4.4.121-92.205.1.noarch", product_id: "kernel-docs-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.4.121-92.205.1.noarch", product: { name: "kernel-docs-html-4.4.121-92.205.1.noarch", product_id: "kernel-docs-html-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-docs-pdf-4.4.121-92.205.1.noarch", product: { name: "kernel-docs-pdf-4.4.121-92.205.1.noarch", product_id: "kernel-docs-pdf-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.4.121-92.205.1.noarch", product: { name: "kernel-macros-4.4.121-92.205.1.noarch", product_id: "kernel-macros-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.4.121-92.205.1.noarch", product: { name: "kernel-source-4.4.121-92.205.1.noarch", product_id: "kernel-source-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.4.121-92.205.1.noarch", product: { name: "kernel-source-vanilla-4.4.121-92.205.1.noarch", product_id: "kernel-source-vanilla-4.4.121-92.205.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "cluster-md-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "cluster-md-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "cluster-md-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "cluster-md-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "cluster-md-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "cluster-network-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "cluster-network-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "cluster-network-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "cluster-network-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "cluster-network-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "dlm-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "dlm-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "dlm-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "dlm-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "dlm-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "dlm-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "gfs2-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "gfs2-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "gfs2-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "gfs2-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "gfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "gfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-base-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-base-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-devel-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-devel-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-extra-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-extra-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-kgraft-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-kgraft-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-base-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-base-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-devel-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-devel-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-extra-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-extra-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-kgraft-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-kgraft-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.205.1.ppc64le", product: { name: "kernel-obs-build-4.4.121-92.205.1.ppc64le", product_id: "kernel-obs-build-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.205.1.ppc64le", product: { name: "kernel-obs-qa-4.4.121-92.205.1.ppc64le", product_id: "kernel-obs-qa-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.205.1.ppc64le", product: { name: "kernel-syms-4.4.121-92.205.1.ppc64le", product_id: "kernel-syms-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "kernel-vanilla-4.4.121-92.205.1.ppc64le", product_id: "kernel-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.205.1.ppc64le", product: { name: "kernel-vanilla-base-4.4.121-92.205.1.ppc64le", product_id: "kernel-vanilla-base-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.205.1.ppc64le", product: { name: "kernel-vanilla-devel-4.4.121-92.205.1.ppc64le", product_id: "kernel-vanilla-devel-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "ocfs2-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "ocfs2-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "ocfs2-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "ocfs2-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "ocfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.205.1.s390x", product: { name: "cluster-md-kmp-default-4.4.121-92.205.1.s390x", product_id: "cluster-md-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "cluster-md-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.205.1.s390x", product: { name: "cluster-network-kmp-default-4.4.121-92.205.1.s390x", product_id: "cluster-network-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "cluster-network-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.205.1.s390x", product: { name: "dlm-kmp-default-4.4.121-92.205.1.s390x", product_id: "dlm-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "dlm-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "dlm-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.205.1.s390x", product: { name: "gfs2-kmp-default-4.4.121-92.205.1.s390x", product_id: "gfs2-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "gfs2-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "gfs2-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.205.1.s390x", product: { name: "kernel-default-4.4.121-92.205.1.s390x", product_id: "kernel-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.205.1.s390x", product: { name: "kernel-default-base-4.4.121-92.205.1.s390x", product_id: "kernel-default-base-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.205.1.s390x", product: { name: "kernel-default-devel-4.4.121-92.205.1.s390x", product_id: "kernel-default-devel-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.205.1.s390x", product: { name: "kernel-default-extra-4.4.121-92.205.1.s390x", product_id: "kernel-default-extra-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.205.1.s390x", product: { name: "kernel-default-kgraft-4.4.121-92.205.1.s390x", product_id: "kernel-default-kgraft-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.4.121-92.205.1.s390x", product: { name: "kernel-default-man-4.4.121-92.205.1.s390x", product_id: "kernel-default-man-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.205.1.s390x", product: { name: "kernel-obs-build-4.4.121-92.205.1.s390x", product_id: "kernel-obs-build-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.205.1.s390x", product: { name: "kernel-obs-qa-4.4.121-92.205.1.s390x", product_id: "kernel-obs-qa-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.205.1.s390x", product: { name: "kernel-syms-4.4.121-92.205.1.s390x", product_id: "kernel-syms-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.205.1.s390x", product: { name: "kernel-vanilla-4.4.121-92.205.1.s390x", product_id: "kernel-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.205.1.s390x", product: { name: "kernel-vanilla-base-4.4.121-92.205.1.s390x", product_id: "kernel-vanilla-base-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.205.1.s390x", product: { name: "kernel-vanilla-devel-4.4.121-92.205.1.s390x", product_id: "kernel-vanilla-devel-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.4.121-92.205.1.s390x", product: { name: "kernel-zfcpdump-4.4.121-92.205.1.s390x", product_id: "kernel-zfcpdump-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.205.1.s390x", product: { name: "ocfs2-kmp-default-4.4.121-92.205.1.s390x", product_id: "ocfs2-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "ocfs2-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "cluster-md-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "cluster-md-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "cluster-md-kmp-default-4.4.121-92.205.1.x86_64", product_id: "cluster-md-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "cluster-md-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "cluster-network-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "cluster-network-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "cluster-network-kmp-default-4.4.121-92.205.1.x86_64", product_id: "cluster-network-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "cluster-network-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "dlm-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "dlm-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "dlm-kmp-default-4.4.121-92.205.1.x86_64", product_id: "dlm-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "dlm-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "dlm-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "gfs2-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "gfs2-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "gfs2-kmp-default-4.4.121-92.205.1.x86_64", product_id: "gfs2-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "gfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "gfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-base-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-base-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-devel-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-devel-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-extra-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-extra-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-kgraft-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-kgraft-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-4.4.121-92.205.1.x86_64", product_id: "kernel-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-base-4.4.121-92.205.1.x86_64", product_id: "kernel-default-base-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-devel-4.4.121-92.205.1.x86_64", product_id: "kernel-default-devel-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-extra-4.4.121-92.205.1.x86_64", product_id: "kernel-default-extra-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-kgraft-4.4.121-92.205.1.x86_64", product_id: "kernel-default-kgraft-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.205.1.x86_64", product: { name: "kernel-obs-build-4.4.121-92.205.1.x86_64", product_id: "kernel-obs-build-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.205.1.x86_64", product: { name: "kernel-obs-qa-4.4.121-92.205.1.x86_64", product_id: "kernel-obs-qa-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.205.1.x86_64", product: { name: "kernel-syms-4.4.121-92.205.1.x86_64", product_id: "kernel-syms-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.205.1.x86_64", product: { name: "kernel-vanilla-4.4.121-92.205.1.x86_64", product_id: "kernel-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.205.1.x86_64", product: { name: "kernel-vanilla-base-4.4.121-92.205.1.x86_64", product_id: "kernel-vanilla-base-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.205.1.x86_64", product: { name: "kernel-vanilla-devel-4.4.121-92.205.1.x86_64", product_id: "kernel-vanilla-devel-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "ocfs2-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "ocfs2-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "ocfs2-kmp-default-4.4.121-92.205.1.x86_64", product_id: "ocfs2-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "ocfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.205.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", }, product_reference: "kernel-default-4.4.121-92.205.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.205.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.205.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.205.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.205.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.205.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", }, product_reference: "kernel-devel-4.4.121-92.205.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.205.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", }, product_reference: "kernel-macros-4.4.121-92.205.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.205.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", }, product_reference: "kernel-source-4.4.121-92.205.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.205.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", }, product_reference: "kernel-syms-4.4.121-92.205.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, ], }, vulnerabilities: [ { cve: "CVE-2017-5753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5753", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5753", url: "https://www.suse.com/security/cve/CVE-2017-5753", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5753", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1075748 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075748", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5753", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087084 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087084", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5753", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5753", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5753", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5753", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1209547 for CVE-2017-5753", url: "https://bugzilla.suse.com/1209547", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2017-5753", }, { cve: "CVE-2018-20784", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20784", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20784", url: "https://www.suse.com/security/cve/CVE-2018-20784", }, { category: "external", summary: "SUSE Bug 1126703 for CVE-2018-20784", url: "https://bugzilla.suse.com/1126703", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2018-20784", }, { cve: "CVE-2022-3566", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3566", }, ], notes: [ { category: "general", text: "A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3566", url: "https://www.suse.com/security/cve/CVE-2022-3566", }, { category: "external", summary: "SUSE Bug 1204405 for CVE-2022-3566", url: "https://bugzilla.suse.com/1204405", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-3566", }, { cve: "CVE-2022-45884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45884", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45884", url: "https://www.suse.com/security/cve/CVE-2022-45884", }, { category: "external", summary: "SUSE Bug 1205756 for CVE-2022-45884", url: "https://bugzilla.suse.com/1205756", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-45884", }, { cve: "CVE-2022-45885", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45885", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45885", url: "https://www.suse.com/security/cve/CVE-2022-45885", }, { category: "external", summary: "SUSE Bug 1205758 for CVE-2022-45885", url: "https://bugzilla.suse.com/1205758", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-45885", }, { cve: "CVE-2022-45886", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45886", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45886", url: "https://www.suse.com/security/cve/CVE-2022-45886", }, { category: "external", summary: "SUSE Bug 1205760 for CVE-2022-45886", url: "https://bugzilla.suse.com/1205760", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-45886", }, { cve: "CVE-2022-45887", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45887", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45887", url: "https://www.suse.com/security/cve/CVE-2022-45887", }, { category: "external", summary: "SUSE Bug 1205762 for CVE-2022-45887", url: "https://bugzilla.suse.com/1205762", }, { category: "external", summary: "SUSE Bug 1220015 for CVE-2022-45887", url: "https://bugzilla.suse.com/1220015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-45887", }, { cve: "CVE-2022-45919", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45919", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45919", url: "https://www.suse.com/security/cve/CVE-2022-45919", }, { category: "external", summary: "SUSE Bug 1205803 for CVE-2022-45919", url: "https://bugzilla.suse.com/1205803", }, { category: "external", summary: "SUSE Bug 1208912 for CVE-2022-45919", url: "https://bugzilla.suse.com/1208912", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2022-45919", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2022-45919", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2022-45919", }, { cve: "CVE-2023-0590", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0590", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0590", url: "https://www.suse.com/security/cve/CVE-2023-0590", }, { category: "external", summary: "SUSE Bug 1207795 for CVE-2023-0590", url: "https://bugzilla.suse.com/1207795", }, { category: "external", summary: "SUSE Bug 1207822 for CVE-2023-0590", url: "https://bugzilla.suse.com/1207822", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2023-0590", url: "https://bugzilla.suse.com/1211495", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-0590", url: "https://bugzilla.suse.com/1211833", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-1077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1077", }, ], notes: [ { category: "general", text: "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1077", url: "https://www.suse.com/security/cve/CVE-2023-1077", }, { category: "external", summary: "SUSE Bug 1208600 for CVE-2023-1077", url: "https://bugzilla.suse.com/1208600", }, { category: "external", summary: "SUSE Bug 1208839 for CVE-2023-1077", url: "https://bugzilla.suse.com/1208839", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1077", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1077", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-1077", }, { cve: "CVE-2023-1095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1095", }, ], notes: [ { category: "general", text: "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1095", url: "https://www.suse.com/security/cve/CVE-2023-1095", }, { category: "external", summary: "SUSE Bug 1208777 for CVE-2023-1095", url: "https://bugzilla.suse.com/1208777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1095", }, { cve: "CVE-2023-1118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1118", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1118", url: "https://www.suse.com/security/cve/CVE-2023-1118", }, { category: "external", summary: "SUSE Bug 1208837 for CVE-2023-1118", url: "https://bugzilla.suse.com/1208837", }, { category: "external", summary: "SUSE Bug 1208910 for CVE-2023-1118", url: "https://bugzilla.suse.com/1208910", }, { category: "external", summary: "SUSE Bug 1210423 for CVE-2023-1118", url: "https://bugzilla.suse.com/1210423", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2023-1118", url: "https://bugzilla.suse.com/1211495", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1118", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1118", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1118", }, { cve: "CVE-2023-1249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1249", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 (\"coredump: Use the vma snapshot in fill_files_note\") not applied yet, then kernel could be affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1249", url: "https://www.suse.com/security/cve/CVE-2023-1249", }, { category: "external", summary: "SUSE Bug 1209039 for CVE-2023-1249", url: "https://bugzilla.suse.com/1209039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1249", }, { cve: "CVE-2023-1380", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1380", }, ], notes: [ { category: "general", text: "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1380", url: "https://www.suse.com/security/cve/CVE-2023-1380", }, { category: "external", summary: "SUSE Bug 1209287 for CVE-2023-1380", url: "https://bugzilla.suse.com/1209287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "low", }, ], title: "CVE-2023-1380", }, { cve: "CVE-2023-1390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1390", }, ], notes: [ { category: "general", text: "A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1390", url: "https://www.suse.com/security/cve/CVE-2023-1390", }, { category: "external", summary: "SUSE Bug 1209289 for CVE-2023-1390", url: "https://bugzilla.suse.com/1209289", }, { category: "external", summary: "SUSE Bug 1210779 for CVE-2023-1390", url: "https://bugzilla.suse.com/1210779", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2023-1390", url: "https://bugzilla.suse.com/1211495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-1390", }, { cve: "CVE-2023-1513", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1513", }, ], notes: [ { category: "general", text: "A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1513", url: "https://www.suse.com/security/cve/CVE-2023-1513", }, { category: "external", summary: "SUSE Bug 1209532 for CVE-2023-1513", url: "https://bugzilla.suse.com/1209532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "low", }, ], title: "CVE-2023-1513", }, { cve: "CVE-2023-1611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1611", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1611", url: "https://www.suse.com/security/cve/CVE-2023-1611", }, { category: "external", summary: "SUSE Bug 1209687 for CVE-2023-1611", url: "https://bugzilla.suse.com/1209687", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-2194", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2194", }, ], notes: [ { category: "general", text: "An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace \"data->block[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2194", url: "https://www.suse.com/security/cve/CVE-2023-2194", }, { category: "external", summary: "SUSE Bug 1210715 for CVE-2023-2194", url: "https://bugzilla.suse.com/1210715", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-2194", }, { cve: "CVE-2023-23454", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-23454", }, ], notes: [ { category: "general", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-23454", url: "https://www.suse.com/security/cve/CVE-2023-23454", }, { category: "external", summary: "SUSE Bug 1207036 for CVE-2023-23454", url: "https://bugzilla.suse.com/1207036", }, { category: "external", summary: "SUSE Bug 1207188 for CVE-2023-23454", url: "https://bugzilla.suse.com/1207188", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2023-23454", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208044 for CVE-2023-23454", url: "https://bugzilla.suse.com/1208044", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2023-23454", url: "https://bugzilla.suse.com/1208085", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-23454", url: "https://bugzilla.suse.com/1211833", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-23455", }, ], notes: [ { category: "general", text: "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-23455", url: "https://www.suse.com/security/cve/CVE-2023-23455", }, { category: "external", summary: "SUSE Bug 1207125 for CVE-2023-23455", url: "https://bugzilla.suse.com/1207125", }, { category: "external", summary: "SUSE Bug 1207189 for CVE-2023-23455", url: "https://bugzilla.suse.com/1207189", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-23455", url: "https://bugzilla.suse.com/1211833", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-23455", }, { cve: "CVE-2023-2513", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2513", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2513", url: "https://www.suse.com/security/cve/CVE-2023-2513", }, { category: "external", summary: "SUSE Bug 1211105 for CVE-2023-2513", url: "https://bugzilla.suse.com/1211105", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-2513", }, { cve: "CVE-2023-28328", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28328", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28328", url: "https://www.suse.com/security/cve/CVE-2023-28328", }, { category: "external", summary: "SUSE Bug 1209291 for CVE-2023-28328", url: "https://bugzilla.suse.com/1209291", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-28328", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-28328", }, { cve: "CVE-2023-28464", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28464", }, ], notes: [ { category: "general", text: "hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28464", url: "https://www.suse.com/security/cve/CVE-2023-28464", }, { category: "external", summary: "SUSE Bug 1209052 for CVE-2023-28464", url: "https://bugzilla.suse.com/1209052", }, { category: "external", summary: "SUSE Bug 1211111 for CVE-2023-28464", url: "https://bugzilla.suse.com/1211111", }, { category: "external", summary: "SUSE Bug 1220130 for CVE-2023-28464", url: "https://bugzilla.suse.com/1220130", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-28464", }, { cve: "CVE-2023-28772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28772", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28772", url: "https://www.suse.com/security/cve/CVE-2023-28772", }, { category: "external", summary: "SUSE Bug 1209549 for CVE-2023-28772", url: "https://bugzilla.suse.com/1209549", }, { category: "external", summary: "SUSE Bug 1211110 for CVE-2023-28772", url: "https://bugzilla.suse.com/1211110", }, { category: "external", summary: "SUSE Bug 1214378 for CVE-2023-28772", url: "https://bugzilla.suse.com/1214378", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-28772", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-30772", }, { cve: "CVE-2023-3090", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3090", }, ], notes: [ { category: "general", text: "A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\n\nThe out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.\n\n\nWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3090", url: "https://www.suse.com/security/cve/CVE-2023-3090", }, { category: "external", summary: "SUSE Bug 1212842 for CVE-2023-3090", url: "https://bugzilla.suse.com/1212842", }, { category: "external", summary: "SUSE Bug 1212849 for CVE-2023-3090", url: "https://bugzilla.suse.com/1212849", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-3090", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1219701 for CVE-2023-3090", url: "https://bugzilla.suse.com/1219701", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-3090", }, { cve: "CVE-2023-3141", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3141", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3141", url: "https://www.suse.com/security/cve/CVE-2023-3141", }, { category: "external", summary: "SUSE Bug 1212129 for CVE-2023-3141", url: "https://bugzilla.suse.com/1212129", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-3141", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-31436", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-31436", }, ], notes: [ { category: "general", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-31436", url: "https://www.suse.com/security/cve/CVE-2023-31436", }, { category: "external", summary: "SUSE Bug 1210940 for CVE-2023-31436", url: "https://bugzilla.suse.com/1210940", }, { category: "external", summary: "SUSE Bug 1211260 for CVE-2023-31436", url: "https://bugzilla.suse.com/1211260", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-31436", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-31436", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-31436", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1223091 for CVE-2023-31436", url: "https://bugzilla.suse.com/1223091", }, { category: "external", summary: "SUSE Bug 1224419 for CVE-2023-31436", url: "https://bugzilla.suse.com/1224419", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-3159", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3159", }, ], notes: [ { category: "general", text: "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3159", url: "https://www.suse.com/security/cve/CVE-2023-3159", }, { category: "external", summary: "SUSE Bug 1212128 for CVE-2023-3159", url: "https://bugzilla.suse.com/1212128", }, { category: "external", summary: "SUSE Bug 1212347 for CVE-2023-3159", url: "https://bugzilla.suse.com/1212347", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-3159", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-3159", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-3159", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-3159", }, { cve: "CVE-2023-3161", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3161", }, ], notes: [ { category: "general", text: "A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3161", url: "https://www.suse.com/security/cve/CVE-2023-3161", }, { category: "external", summary: "SUSE Bug 1212154 for CVE-2023-3161", url: "https://bugzilla.suse.com/1212154", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-3161", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-3161", }, { cve: "CVE-2023-32269", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-32269", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-32269", url: "https://www.suse.com/security/cve/CVE-2023-32269", }, { category: "external", summary: "SUSE Bug 1211186 for CVE-2023-32269", url: "https://bugzilla.suse.com/1211186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-32269", }, { cve: "CVE-2023-35824", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-35824", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-35824", url: "https://www.suse.com/security/cve/CVE-2023-35824", }, { category: "external", summary: "SUSE Bug 1212501 for CVE-2023-35824", url: "https://bugzilla.suse.com/1212501", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-35824", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-35824", }, ], }
suse-su-2023:2151-1
Vulnerability from csaf_suse
Published
2023-05-09 15:35
Modified
2023-05-09 15:35
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
The following non-security bugs were fixed:
- cifs: fix negotiate context parsing (bsc#1210301).
- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).
Patchnames
SUSE-2023-2151,SUSE-SLE-Module-Live-Patching-15-SP1-2023-2151,SUSE-SLE-Product-HA-15-SP1-2023-2151,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2151,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-2151,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-2151,openSUSE-SLE-15.4-2023-2151
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).\n\nThe following non-security bugs were fixed:\n\n- cifs: fix negotiate context parsing (bsc#1210301).\n- cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2151,SUSE-SLE-Module-Live-Patching-15-SP1-2023-2151,SUSE-SLE-Product-HA-15-SP1-2023-2151,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2151,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-2151,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-2151,openSUSE-SLE-15.4-2023-2151", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2151-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2151-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232151-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2151-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029294.html", }, { category: "self", summary: "SUSE Bug 1202353", url: "https://bugzilla.suse.com/1202353", }, { category: "self", summary: "SUSE Bug 1205128", url: "https://bugzilla.suse.com/1205128", }, { category: "self", summary: "SUSE Bug 1209613", url: "https://bugzilla.suse.com/1209613", }, { category: "self", summary: "SUSE Bug 1209687", url: "https://bugzilla.suse.com/1209687", }, { category: "self", summary: "SUSE Bug 1209777", url: "https://bugzilla.suse.com/1209777", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1209887", url: "https://bugzilla.suse.com/1209887", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210498", url: "https://bugzilla.suse.com/1210498", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE CVE CVE-2020-36691 page", url: "https://www.suse.com/security/cve/CVE-2020-36691/", }, { category: "self", summary: "SUSE CVE CVE-2022-43945 page", url: "https://www.suse.com/security/cve/CVE-2022-43945/", }, { category: "self", summary: "SUSE CVE CVE-2023-1611 page", url: "https://www.suse.com/security/cve/CVE-2023-1611/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-09T15:35:27Z", generator: { date: "2023-05-09T15:35:27Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2151-1", initial_release_date: "2023-05-09T15:35:27Z", revision_history: [ { date: "2023-05-09T15:35:27Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", product: { name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", product_id: "cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", product: { name: "dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", product_id: "dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", product: { name: "gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", product_id: "gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-default-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-default-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-default-base-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-default-base-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-default-devel-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-default-devel-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-default-extra-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-default-extra-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-default-livepatch-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-default-livepatch-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-obs-build-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-obs-build-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-obs-qa-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-obs-qa-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-syms-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-syms-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-vanilla-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-vanilla-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", product: { name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", product_id: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-150100.197.145.1.aarch64", product: { name: "kselftests-kmp-default-4.12.14-150100.197.145.1.aarch64", product_id: "kselftests-kmp-default-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", product: { name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", product_id: "ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", product: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", product_id: "reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-150100.197.145.1.noarch", product: { name: "kernel-devel-4.12.14-150100.197.145.1.noarch", product_id: "kernel-devel-4.12.14-150100.197.145.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-150100.197.145.1.noarch", product: { name: "kernel-docs-4.12.14-150100.197.145.1.noarch", product_id: "kernel-docs-4.12.14-150100.197.145.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.12.14-150100.197.145.1.noarch", product: { name: "kernel-docs-html-4.12.14-150100.197.145.1.noarch", product_id: "kernel-docs-html-4.12.14-150100.197.145.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-150100.197.145.1.noarch", product: { name: "kernel-macros-4.12.14-150100.197.145.1.noarch", product_id: "kernel-macros-4.12.14-150100.197.145.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-150100.197.145.1.noarch", product: { name: "kernel-source-4.12.14-150100.197.145.1.noarch", product_id: "kernel-source-4.12.14-150100.197.145.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.12.14-150100.197.145.1.noarch", product: { name: "kernel-source-vanilla-4.12.14-150100.197.145.1.noarch", product_id: "kernel-source-vanilla-4.12.14-150100.197.145.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", product: { name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", product_id: "cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", product: { name: "dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", product_id: "dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", product: { name: "gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", product_id: "gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-debug-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-debug-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-debug-devel-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-debug-devel-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-debug-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-debug-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-default-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-default-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-default-base-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-default-base-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-default-extra-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-default-extra-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", product: { name: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", product_id: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-obs-qa-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-obs-qa-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-syms-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-syms-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", product: { name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", product_id: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-150100.197.145.1.ppc64le", product: { name: "kselftests-kmp-default-4.12.14-150100.197.145.1.ppc64le", product_id: "kselftests-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", product: { name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", product_id: "ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", product: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", product_id: "reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", product: { name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", product_id: "cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-150100.197.145.1.s390x", product: { name: "dlm-kmp-default-4.12.14-150100.197.145.1.s390x", product_id: "dlm-kmp-default-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", product: { name: "gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", product_id: "gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-default-4.12.14-150100.197.145.1.s390x", product_id: "kernel-default-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-default-base-4.12.14-150100.197.145.1.s390x", product_id: "kernel-default-base-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-default-devel-4.12.14-150100.197.145.1.s390x", product_id: "kernel-default-devel-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-default-extra-4.12.14-150100.197.145.1.s390x", product_id: "kernel-default-extra-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-default-livepatch-4.12.14-150100.197.145.1.s390x", product_id: "kernel-default-livepatch-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.s390x", product_id: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-default-man-4.12.14-150100.197.145.1.s390x", product_id: "kernel-default-man-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-obs-build-4.12.14-150100.197.145.1.s390x", product_id: "kernel-obs-build-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-obs-qa-4.12.14-150100.197.145.1.s390x", product_id: "kernel-obs-qa-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-syms-4.12.14-150100.197.145.1.s390x", product_id: "kernel-syms-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-vanilla-4.12.14-150100.197.145.1.s390x", product_id: "kernel-vanilla-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", product_id: "kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", product_id: "kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", product_id: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-zfcpdump-4.12.14-150100.197.145.1.s390x", product_id: "kernel-zfcpdump-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", product: { name: "kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", product_id: "kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-150100.197.145.1.s390x", product: { name: "kselftests-kmp-default-4.12.14-150100.197.145.1.s390x", product_id: "kselftests-kmp-default-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", product: { name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", product_id: "ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", product: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", product_id: "reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", product: { name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", product_id: "cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", product: { name: "dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", product_id: "dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", product: { name: "gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", product_id: "gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-debug-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-debug-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-debug-base-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-debug-base-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-debug-devel-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-debug-devel-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-debug-livepatch-devel-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-debug-livepatch-devel-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-default-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-default-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-default-base-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-default-base-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-default-devel-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-default-devel-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-default-extra-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-default-extra-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-kvmsmall-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-kvmsmall-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-kvmsmall-devel-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-kvmsmall-devel-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-kvmsmall-livepatch-devel-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-kvmsmall-livepatch-devel-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", product: { name: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", product_id: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-obs-build-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-obs-build-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-obs-qa-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-obs-qa-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-syms-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-syms-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-vanilla-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-vanilla-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", product: { name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", product_id: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-4.12.14-150100.197.145.1.x86_64", product: { name: "kselftests-kmp-default-4.12.14-150100.197.145.1.x86_64", product_id: "kselftests-kmp-default-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", product: { name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", product_id: "ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", product: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", product_id: "reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15 SP1", product: { name: "SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15 SP1", product: { name: "SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP1-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp1", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", }, product_reference: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1", product_id: "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", }, product_reference: "kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP1", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", }, product_reference: "cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", }, product_reference: "cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", }, product_reference: "dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", }, product_reference: "dlm-kmp-default-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", }, product_reference: "dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", }, product_reference: "gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", }, product_reference: "gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", }, product_reference: "gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", }, product_reference: "ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", }, product_reference: "ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-default-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-devel-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-docs-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-macros-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-obs-build-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-source-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-syms-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-syms-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-default-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-default-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-default-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-default-base-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-default-man-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-devel-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-docs-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-macros-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-obs-build-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-obs-build-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-source-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-syms-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-syms-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-syms-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", }, product_reference: "reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", }, product_reference: "reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", }, product_reference: "reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-default-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-devel-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-docs-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-macros-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-150100.197.145.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", }, product_reference: "kernel-source-4.12.14-150100.197.145.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-syms-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", }, product_reference: "reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-base-4.12.14-150100.197.145.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-base-4.12.14-150100.197.145.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-debug-base-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-150100.197.145.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-default-man-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-4.12.14-150100.197.145.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-vanilla-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-4.12.14-150100.197.145.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-4.12.14-150100.197.145.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-vanilla-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-4.12.14-150100.197.145.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-vanilla-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-150100.197.145.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", }, product_reference: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", }, product_reference: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", }, product_reference: "kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", }, product_reference: "kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: "CVE-2020-36691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36691", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2020-36691", url: "https://www.suse.com/security/cve/CVE-2020-36691", }, { category: "external", summary: "SUSE Bug 1209613 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209613", }, { category: "external", summary: "SUSE Bug 1209777 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "moderate", }, ], title: "CVE-2020-36691", }, { cve: "CVE-2022-43945", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-43945", }, ], notes: [ { category: "general", text: "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2022-43945", url: "https://www.suse.com/security/cve/CVE-2022-43945", }, { category: "external", summary: "SUSE Bug 1205128 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205128", }, { category: "external", summary: "SUSE Bug 1205130 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205130", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208085", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-43945", url: "https://bugzilla.suse.com/1209225", }, { category: "external", summary: "SUSE Bug 1210124 for CVE-2022-43945", url: "https://bugzilla.suse.com/1210124", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "important", }, ], title: "CVE-2022-43945", }, { cve: "CVE-2023-1611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1611", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2023-1611", url: "https://www.suse.com/security/cve/CVE-2023-1611", }, { category: "external", summary: "SUSE Bug 1209687 for CVE-2023-1611", url: "https://bugzilla.suse.com/1209687", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "moderate", }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:cluster-md-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:dlm-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:gfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ocfs2-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-default-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_145-default-1-150100.3.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-default-man-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-base-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-default-devel-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-devel-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-docs-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-macros-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-obs-build-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-source-4.12.14-150100.197.145.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-syms-4.12.14-150100.197.145.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:reiserfs-kmp-default-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-default-man-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-kvmsmall-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-base-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.aarch64", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.ppc64le", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.s390x", "openSUSE Leap 15.4:kernel-vanilla-livepatch-devel-4.12.14-150100.197.145.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-man-4.12.14-150100.197.145.1.s390x", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:35:27Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2231-1
Vulnerability from csaf_suse
Published
2023-05-17 08:08
Modified
2023-05-17 08:08
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2235: A use-after-free vulnerability in the Performance Events system can be exploited to achieve local privilege escalation (bsc#1210986).
- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
- CVE-2023-23006: Fixed NULL checking against IS_ERR in dr_domain_init_resources (bsc#1208845).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
- CVE-2023-0386: A flaw was found where unauthorized access to the execution of the setuid file with capabilities was found in the OverlayFS subsystem, when a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allowed a local user to escalate their privileges on the system (bsc#1209615).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-2019: A flaw was found in the netdevsim device driver, more specifically within the scheduling of events. This issue results from the improper management of a reference count and may lead to a denial of service (bsc#1210454).
- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
The following non-security bugs were fixed:
- ACPI: CPPC: Disable FIE if registers in PCC regions (bsc#1210953).
- ACPI: VIOT: Initialize the correct IOMMU fwspec (git-fixes).
- ACPI: resource: Add Medion S17413 to IRQ override quirk (git-fixes).
- ALSA: emu10k1: do not create old pass-through playback device on Audigy (git-fixes).
- ALSA: emu10k1: fix capture interrupt handler unlinking (git-fixes).
- ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() (git-fixes).
- ALSA: hda/cirrus: Add extra 10 ms delay to allow PLL settle and lock (git-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2 (git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and speaker support for HP Laptops (git-fixes).
- ALSA: hda/realtek: Remove specific patch for Dell Precision 3260 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
- ALSA: hda/realtek: fix speaker, mute/micmute LEDs not work on a HP platform (git-fixes).
- ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard (git-fixes).
- ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards (git-fixes).
- ALSA: hda: cs35l41: Enable Amp High Pass Filter (git-fixes).
- ALSA: hda: patch_realtek: add quirk for Asus N7601ZM (git-fixes).
- ALSA: i2c/cs8427: fix iec958 mixer control deactivation (git-fixes).
- ARM: 9290/1: uaccess: Fix KASAN false-positives (git-fixes).
- ARM: dts: exynos: fix WM8960 clock name in Itop Elite (git-fixes).
- ARM: dts: gta04: fix excess dma channel usage (git-fixes).
- ARM: dts: qcom: ipq4019: Fix the PCI I/O port range (git-fixes).
- ARM: dts: rockchip: fix a typo error for rk3288 spdif node (git-fixes).
- ARM: dts: s5pv210: correct MIPI CSIS clock name (git-fixes).
- ASN.1: Fix check for strdup() success (git-fixes).
- ASoC: cs35l41: Only disable internal boost (git-fixes).
- ASoC: es8316: Handle optional IRQ assignment (git-fixes).
- ASoC: fsl_asrc_dma: fix potential null-ptr-deref (git-fixes).
- ASoC: fsl_mqs: move of_node_put() to the correct location (git-fixes).
- Add 42a11bf5c543 cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly
- Add eee878537941 cgroup/cpuset: Add cpuset_can_fork() and cpuset_cancel_fork() methods
- Bluetooth: Fix race condition in hidp_session_thread (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (git-fixes).
- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
- IB/mlx5: Add support for 400G_8X lane speed (git-fixes)
- Input: hp_sdc_rtc - mark an unused function as __maybe_unused (git-fixes).
- Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe (git-fixes).
- KEYS: Add missing function documentation (git-fixes).
- KEYS: Create static version of public_key_verify_signature (git-fixes).
- NFS: Cleanup unused rpc_clnt variable (git-fixes).
- NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL (git-fixes).
- NFSD: callback request does not use correct credential for AUTH_SYS (git-fixes).
- PCI/EDR: Clear Device Status after EDR error recovery (git-fixes).
- PCI: dwc: Fix PORT_LINK_CONTROL update when CDM check enabled (git-fixes).
- PCI: imx6: Install the fault handler only on compatible match (git-fixes).
- PCI: loongson: Add more devices that need MRRS quirk (git-fixes).
- PCI: loongson: Prevent LS7A MRRS increases (git-fixes).
- PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).
- PCI: qcom: Fix the incorrect register usage in v2.7.0 config (git-fixes).
- RDMA/cma: Allow UD qp_type to join multicast only (git-fixes)
- RDMA/core: Fix GID entry ref leak when create_ah fails (git-fixes)
- RDMA/irdma: Add ipv4 check to irdma_find_listener() (git-fixes)
- RDMA/irdma: Fix memory leak of PBLE objects (git-fixes)
- RDMA/irdma: Increase iWARP CM default rexmit count (git-fixes)
- Remove obsolete KMP obsoletes (bsc#1210469).
- Revert 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' (git-fixes).
- Revert 'pinctrl: amd: Disable and mask interrupts on resume' (git-fixes).
- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).
- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).
- USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).
- USB: serial: option: add Quectel RM500U-CN modem (git-fixes).
- USB: serial: option: add Telit FE990 compositions (git-fixes).
- USB: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).
- amdgpu: disable powerpc support for the newer display engine (bsc#1194869).
- arm64: dts: imx8mm-evk: correct pmic clock source (git-fixes).
- arm64: dts: meson-g12-common: specify full DMC range (git-fixes).
- arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node (git-fixes).
- arm64: dts: qcom: ipq8074: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator (git-fixes).
- arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994 regulator (git-fixes).
- arm64: dts: qcom: msm8996: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name (git-fixes).
- arm64: dts: qcom: msm8998: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply (git-fixes).
- arm64: dts: qcom: sdm845: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: sm8250: Fix the PCI I/O port range (git-fixes).
- arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table (git-fixes).
- arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table (git-fixes).
- arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property (git-fixes).
- arm64: enable jump-label jump-label was disabled on arm64 by a backport error.
- bluetooth: Perform careful capability checks in hci_sock_ioctl() (git-fixes).
- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).
- cifs: fix negotiate context parsing (bsc#1210301).
- clk: add missing of_node_put() in 'assigned-clocks' property parsing (git-fixes).
- clk: at91: clk-sam9x60-pll: fix return value check (git-fixes).
- clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent (git-fixes).
- clk: sprd: set max_register according to mapping range (git-fixes).
- clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails (git-fixes).
- config: arm64: enable ERRATUM_843419 Config option was incorrectly replaced by the rt-refresh-configs script
- cpufreq: CPPC: Fix build error without CONFIG_ACPI_CPPC_CPUFREQ_FIE (bsc#1210953).
- cpufreq: CPPC: Fix performance/frequency conversion (git-fixes).
- cpumask: fix incorrect cpumask scanning result checks (bsc#1210943).
- crypto: caam - Clear some memory in instantiate_rng (git-fixes).
- crypto: drbg - Only fail when jent is unavailable in FIPS mode (git-fixes).
- crypto: sa2ul - Select CRYPTO_DES (git-fixes).
- crypto: safexcel - Cleanup ring IRQ workqueues on load failure (git-fixes).
- driver core: Do not require dynamic_debug for initcall_debug probe timing (git-fixes).
- drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() (git-fixes).
- drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler() (git-fixes).
- drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known override-init warnings (git-fixes).
- drm/amd/display: Fix potential null dereference (git-fixes).
- drm/amdgpu: Re-enable DCN for 64-bit powerpc (bsc#1194869).
- drm/armada: Fix a potential double free in an error handling path (git-fixes).
- drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535 (git-fixes).
- drm/bridge: lt8912b: Fix DSI Video Mode (git-fixes).
- drm/bridge: lt9611: Fix PLL being unable to lock (git-fixes).
- drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var (git-fixes).
- drm/i915/dsi: fix DSS CTL register offsets for TGL+ (git-fixes).
- drm/i915: Fix fast wake AUX sync len (git-fixes).
- drm/i915: Make intel_get_crtc_new_encoder() less oopsy (git-fixes).
- drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (git-fixes).
- drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe() (git-fixes).
- drm/msm/adreno: drop bogus pm_runtime_set_active() (git-fixes).
- drm/msm/disp/dpu: check for crtc enable rather than crtc active to release shared resources (git-fixes).
- drm/msm: fix NULL-deref on snapshot tear down (git-fixes).
- drm/nouveau/disp: Support more modes by checking with lower bpc (git-fixes).
- drm/panel: otm8009a: Set backlight parent to panel device (git-fixes).
- drm/probe-helper: Cancel previous job before starting new one (git-fixes).
- drm/rockchip: Drop unbalanced obj unref (git-fixes).
- drm/vgem: add missing mutex_destroy (git-fixes).
- drm: msm: adreno: Disable preemption on Adreno 510 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F (git-fixes).
- drm: rcar-du: Fix a NULL vs IS_ERR() bug (git-fixes).
- dt-bindings: arm: fsl: Fix copy-paste error in comment (git-fixes).
- dt-bindings: iio: ti,tmp117: fix documentation link (git-fixes).
- dt-bindings: mailbox: qcom,apcs-kpss-global: fix SDX55 'if' match (git-fixes).
- dt-bindings: nvmem: qcom,spmi-sdam: fix example 'reg' property (git-fixes).
- dt-bindings: remoteproc: stm32-rproc: Typo fix (git-fixes).
- dt-bindings: soc: qcom: smd-rpm: re-add missing qcom,rpm-msm8994 (git-fixes).
- e1000e: Disable TSO on i219-LM card to increase speed (git-fixes).
- efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L (git-fixes).
- ext4: Fix deadlock during directory rename (bsc#1210763).
- ext4: Fix possible corruption when moving a directory (bsc#1210763).
- ext4: fix RENAME_WHITEOUT handling for inline directories (bsc#1210766).
- ext4: fix another off-by-one fsmap error on 1k block filesystems (bsc#1210767).
- ext4: fix bad checksum after online resize (bsc#1210762 bsc#1208076).
- ext4: fix cgroup writeback accounting with fs-layer encryption (bsc#1210765).
- ext4: fix corruption when online resizing a 1K bigalloc fs (bsc#1206891).
- ext4: fix incorrect options show of original mount_opt and extend mount_opt2 (bsc#1210764).
- ext4: fix possible double unlock when moving a directory (bsc#1210763).
- ext4: use ext4_journal_start/stop for fast commit transactions (bsc#1210793).
- fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace (git-fixes).
- firmware: qcom_scm: Clear download bit during reboot (git-fixes).
- firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe (git-fixes).
- fpga: bridge: fix kernel-doc parameter description (git-fixes).
- hwmon: (adt7475) Use device_property APIs when configuring polarity (git-fixes).
- hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write (git-fixes).
- hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E (git-fixes).
- i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path (git-fixes).
- i2c: hisi: Avoid redundant interrupts (git-fixes).
- i2c: imx-lpi2c: clean rx/tx buffers upon new message (git-fixes).
- i2c: ocores: generate stop condition after timeout in polling mode (git-fixes).
- i915/perf: Replace DRM_DEBUG with driver specific drm_dbg call (git-fixes).
- ice: avoid bonding causing auxiliary plug/unplug under RTNL lock (bsc#1210158).
- iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() (git-fixes).
- iio: light: tsl2772: fix reading proximity-diodes from device tree (git-fixes).
- ipmi: fix SSIF not responding under certain cond (git-fixes).
- ipmi:ssif: Add send_retries increment (git-fixes).
- k-m-s: Drop Linux 2.6 support
- kABI: PCI: loongson: Prevent LS7A MRRS increases (kabi).
- kABI: x86/msi: Fix msi message data shadow struct (kabi).
- kabi/severities: ignore KABI for NVMe target (bsc#1174777) The target code is only for testing and there are no external users.
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- locking/rwbase: Mitigate indefinite writer starvation.
- media: av7110: prevent underflow in write_ts_to_decoder() (git-fixes).
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (git-fixes).
- media: max9286: Free control handler (git-fixes).
- media: rc: gpio-ir-recv: Fix support for wake-up (git-fixes).
- media: rkvdec: fix use after free bug in rkvdec_remove (git-fixes).
- media: saa7134: fix use after free bug in saa7134_finidev due to race condition (git-fixes).
- media: venus: dec: Fix handling of the start cmd (git-fixes).
- memstick: fix memory leak if card device is never registered (git-fixes).
- mm/filemap: fix page end in filemap_get_read_batch (bsc#1210768).
- mm: page_alloc: skip regions with hugetlbfs pages when allocating 1G pages (bsc#1210034).
- mm: take a page reference when removing device exclusive entries (bsc#1211025).
- mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data (git-fixes).
- mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25 (git-fixes).
- mtd: core: fix error path for nvmem provider (git-fixes).
- mtd: core: fix nvmem error reporting (git-fixes).
- mtd: core: provide unique name for nvmem device, take two (git-fixes).
- mtd: spi-nor: Fix a trivial typo (git-fixes).
- net: phy: nxp-c45-tja11xx: add remove callback (git-fixes).
- net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow (git-fixes).
- nfsd: call op_release, even when op_func returns an error (git-fixes).
- nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() (git-fixes).
- nilfs2: initialize unused bytes in segment summary blocks (git-fixes).
- nvme initialize core quirks before calling nvme_init_subsystem (git-fixes).
- nvme-auth: uninitialized variable in nvme_auth_transform_key() (git-fixes).
- nvme-fcloop: fix 'inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage' (git-fixes).
- nvme-hwmon: consistently ignore errors from nvme_hwmon_init (git-fixes).
- nvme-hwmon: kmalloc the NVME SMART log buffer (git-fixes).
- nvme-multipath: fix possible hang in live ns resize with ANA access (git-fixes).
- nvme-pci: fix doorbell buffer value endianness (git-fixes).
- nvme-pci: fix mempool alloc size (git-fixes).
- nvme-pci: fix page size checks (git-fixes).
- nvme-pci: fix timeout request state check (git-fixes).
- nvme-rdma: fix possible hang caused during ctrl deletion (git-fixes).
- nvme-tcp: fix possible circular locking when deleting a controller under memory pressure (git-fixes).
- nvme-tcp: fix possible hang caused during ctrl deletion (git-fixes).
- nvme-tcp: fix regression that causes sporadic requests to time out (git-fixes).
- nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices (git-fixes).
- nvme: add device name to warning in uuid_show() (git-fixes).
- nvme: catch -ENODEV from nvme_revalidate_zones again (git-fixes).
- nvme: copy firmware_rev on each init (git-fixes).
- nvme: define compat_ioctl again to unbreak 32-bit userspace (git-fixes).
- nvme: fix async event trace event (git-fixes).
- nvme: fix handling single range discard request (git-fixes).
- nvme: fix per-namespace chardev deletion (git-fixes).
- nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition (git-fixes).
- nvme: fix the read-only state for zoned namespaces with unsupposed features (git-fixes).
- nvme: improve the NVME_CONNECT_AUTHREQ* definitions (git-fixes).
- nvme: move nvme_multi_css into nvme.h (git-fixes).
- nvme: return err on nvme_init_non_mdts_limits fail (git-fixes).
- nvme: send Identify with CNS 06h only to I/O controllers (bsc#1209693).
- nvme: set dma alignment to dword (git-fixes).
- nvme: use command_id instead of req->tag in trace_nvme_complete_rq() (git-fixes).
- nvmet-auth: do not try to cancel a non-initialized work_struct (git-fixes).
- nvmet-tcp: fix incomplete data digest send (git-fixes).
- nvmet-tcp: fix regression in data_digest calculation (git-fixes).
- nvmet: add helpers to set the result field for connect commands (git-fixes).
- nvmet: avoid potential UAF in nvmet_req_complete() (git-fixes).
- nvmet: do not defer passthrough commands with trivial effects to the workqueue (git-fixes).
- nvmet: fix I/O Command Set specific Identify Controller (git-fixes).
- nvmet: fix Identify Active Namespace ID list handling (git-fixes).
- nvmet: fix Identify Controller handling (git-fixes).
- nvmet: fix Identify Namespace handling (git-fixes).
- nvmet: fix a memory leak (git-fixes).
- nvmet: fix a memory leak in nvmet_auth_set_key (git-fixes).
- nvmet: fix a use-after-free (git-fixes).
- nvmet: fix invalid memory reference in nvmet_subsys_attr_qid_max_show (git-fixes).
- nvmet: force reconnect when number of queue changes (git-fixes).
- nvmet: looks at the passthrough controller when initializing CAP (git-fixes).
- nvmet: only allocate a single slab for bvecs (git-fixes).
- nvmet: use IOCB_NOWAIT only if the filesystem supports it (git-fixes).
- perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output (git fixes).
- perf/core: Fix the same task check in perf_event_set_output (git fixes).
- perf: Fix check before add_event_to_groups() in perf_group_detach() (git fixes).
- perf: fix perf_event_context->time (git fixes).
- platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2 (git-fixes).
- platform/x86: gigabyte-wmi: add support for X570S AORUS ELITE (git-fixes).
- power: supply: cros_usbpd: reclassify 'default case!' as debug (git-fixes).
- power: supply: generic-adc-battery: fix unit scaling (git-fixes).
- powerpc/64: Always build with 128-bit long double (bsc#1194869).
- powerpc/64e: Fix amdgpu build on Book3E w/o AltiVec (bsc#1194869).
- powerpc/hv-gpci: Fix hv_gpci event list (git fixes).
- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/perf/hv-24x7: add missing RTAS retry status handling (git fixes).
- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc: declare unmodified attribute_group usages const (git-fixes).
- regulator: core: Avoid lockdep reports when resolving supplies (git-fixes).
- regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow() (git-fixes).
- regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since booted (git-fixes).
- regulator: fan53555: Explicitly include bits header (git-fixes).
- regulator: fan53555: Fix wrong TCS_SLEW_MASK (git-fixes).
- regulator: stm32-pwr: fix of_iomap leak (git-fixes).
- remoteproc: Harden rproc_handle_vdev() against integer overflow (git-fixes).
- remoteproc: imx_rproc: Call of_node_put() on iteration error (git-fixes).
- remoteproc: st: Call of_node_put() on iteration error (git-fixes).
- remoteproc: stm32: Call of_node_put() on iteration error (git-fixes).
- rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time (git-fixes).
- rtc: omap: include header for omap_rtc_power_off_program prototype (git-fixes).
- sched/fair: Fix imbalance overflow (bsc#1155798 (CPU scheduler functional and performance backports)).
- sched/fair: Limit sched slice duration (bsc#1189999 (Scheduler functional and performance backports)).
- sched/fair: Move calculate of avg_load to a better location (bsc#1155798 (CPU scheduler functional and performance backports)).
- sched/fair: Sanitize vruntime of entity being migrated (bsc#1203325).
- sched/fair: sanitize vruntime of entity being placed (bsc#1203325).
- sched/numa: Stop an exhastive search if an idle core is found (bsc#1189999 (Scheduler functional and performance backports)).
- sched_getaffinity: do not assume 'cpumask_size()' is fully initialized (bsc#1155798 (CPU scheduler functional and performance backports)).
- scsi: aic94xx: Add missing check for dma_map_single() (git-fixes).
- scsi: core: Add BLIST_NO_VPD_SIZE for some VDASD (git-fixes bsc#1203039) (renamed now that it's upstgream)
- scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR (git-fixes).
- scsi: core: Fix a procfs host directory removal regression (git-fixes).
- scsi: core: Fix a source code comment (git-fixes).
- scsi: core: Remove the /proc/scsi/${proc_name} directory earlier (git-fixes).
- scsi: hisi_sas: Check devm_add_action() return value (git-fixes).
- scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id (git-fixes).
- scsi: ipr: Work around fortify-string warning (git-fixes).
- scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() (git-fixes).
- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (git-fixes).
- scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (git-fixes).
- scsi: kABI workaround for fc_host_fpin_rcv (git-fixes).
- scsi: libsas: Remove useless dev_list delete in sas_ex_discover_end_dev() (git-fixes).
- scsi: lpfc: Avoid usage of list iterator variable after loop (git-fixes).
- scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() (git-fixes).
- scsi: lpfc: Copyright updates for 14.2.0.11 patches (bsc#1210943).
- scsi: lpfc: Correct used_rpi count when devloss tmo fires with no recovery (bsc#1210943).
- scsi: lpfc: Defer issuing new PLOGI if received RSCN before completing REG_LOGIN (bsc#1210943).
- scsi: lpfc: Drop redundant pci_enable_pcie_error_reporting() (bsc#1210943).
- scsi: lpfc: Fix double word in comments (bsc#1210943).
- scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() (bsc#1210943).
- scsi: lpfc: Fix lockdep warning for rx_monitor lock when unloading driver (bsc#1210943).
- scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow (bsc#1210943).
- scsi: lpfc: Record LOGO state with discovery engine even if aborted (bsc#1210943).
- scsi: lpfc: Reorder freeing of various DMA buffers and their list removal (bsc#1210943).
- scsi: lpfc: Revise lpfc_error_lost_link() reason code evaluation logic (bsc#1210943).
- scsi: lpfc: Silence an incorrect device output (bsc#1210943).
- scsi: lpfc: Skip waiting for register ready bits when in unrecoverable state (bsc#1210943).
- scsi: lpfc: Update lpfc version to 14.2.0.11 (bsc#1210943).
- scsi: megaraid_sas: Fix crash after a double completion (git-fixes).
- scsi: megaraid_sas: Update max supported LD IDs to 240 (git-fixes).
- scsi: mpt3sas: Do not print sense pool info twice (git-fixes).
- scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() (git-fixes).
- scsi: mpt3sas: Fix a memory leak (git-fixes).
- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).
- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).
- scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (git-fixes).
- scsi: scsi_transport_fc: Add an additional flag to fc_host_fpin_rcv() (bsc#1210943).
- scsi: sd: Fix wrong zone_write_granularity value during revalidate (git-fixes).
- scsi: ses: Do not attach if enclosure has no components (git-fixes).
- scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses (git-fixes).
- scsi: ses: Fix possible desc_ptr out-of-bounds accesses (git-fixes).
- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() (git-fixes).
- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() (git-fixes).
- scsi: snic: Fix memory leak with using debugfs_lookup() (git-fixes).
- seccomp: Move copy_seccomp() to no failure path (bsc#1210817).
- selftests/kselftest/runner/run_one(): allow running non-executable files (git-fixes).
- selftests: sigaltstack: fix -Wuninitialized (git-fixes).
- selinux: ensure av_permissions.h is built when needed (git-fixes).
- selinux: fix Makefile dependencies of flask.h (git-fixes).
- serial: 8250: Add missing wakeup event reporting (git-fixes).
- serial: 8250_bcm7271: Fix arbitration handling (git-fixes).
- serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards (git-fixes).
- serial: exar: Add support for Sealevel 7xxxC serial cards (git-fixes).
- signal handling: do not use BUG_ON() for debugging (bsc#1210439).
- signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed (bsc#1210816).
- signal: Do not always set SA_IMMUTABLE for forced signals (bsc#1210816).
- signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE (bsc#1210816).
- soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe (git-fixes).
- spi: cadence-quadspi: fix suspend-resume implementations (git-fixes).
- spi: fsl-spi: Fix CPM/QE mode Litte Endian (git-fixes).
- spi: qup: Do not skip cleanup in remove's error path (git-fixes).
- staging: iio: resolver: ads1210: fix config mode (git-fixes).
- staging: rtl8192e: Fix W_DISABLE# does not work after stop/start (git-fixes).
- stat: fix inconsistency between struct stat and struct compat_stat (git-fixes).
- sunrpc: only free unix grouplist after RCU settles (git-fixes).
- supported.conf: declaring usb_f_ncm supported as requested in (jsc#PED-3750) Support for the legacy functionality g_ncm is still under discussion (see jsc-PED#3200) For maintainance see (jsc#PED-3759)
- supported.conf: support u_ether and libcomposite (jsc-PED#3750) This is necessary for g_ncm (for maintainance see jsc-PED#3759)
- tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH (git-fixes).
- tty: serial: fsl_lpuart: adjust buffer length to the intended size (git-fixes).
- udf: Check consistency of Space Bitmap Descriptor (bsc#1210771).
- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).
- udf: Support splicing to file (bsc#1210770).
- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).
- usb: chipidea: imx: avoid unnecessary probe defer (git-fixes).
- usb: dwc3: gadget: Change condition for processing suspend event (git-fixes).
- usb: dwc3: pci: add support for the Intel Meteor Lake-S (git-fixes).
- usb: gadget: tegra-xudc: Fix crash in vbus_draw (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition (git-fixes).
- usb: host: xhci-rcar: remove leftover quirk handling (git-fixes).
- virt/coco/sev-guest: Add throttling awareness (bsc#1209927).
- virt/coco/sev-guest: Carve out the request issuing logic into a helper (bsc#1209927).
- virt/coco/sev-guest: Check SEV_SNP attribute at probe time (bsc#1209927).
- virt/coco/sev-guest: Convert the sw_exit_info_2 checking to a switch-case (bsc#1209927).
- virt/coco/sev-guest: Do some code style cleanups (bsc#1209927).
- virt/coco/sev-guest: Remove the disable_vmpck label in handle_guest_request() (bsc#1209927).
- virt/coco/sev-guest: Simplify extended guest request handling (bsc#1209927).
- virt/sev-guest: Return -EIO if certificate buffer is not large enough (bsc#1209927).
- virtio_ring: do not update event idx on get_buf (git-fixes).
- vmci_host: fix a race condition in vmci_host_poll() causing GPF (git-fixes).
- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).
- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).
- wifi: ath6kl: minor fix for allocation size (git-fixes).
- wifi: ath6kl: reduce WARN to dev_dbg() in callback (git-fixes).
- wifi: ath9k: hif_usb: fix memory leak of remain_skbs (git-fixes).
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (git-fixes).
- wifi: brcmfmac: support CQM RSSI notification with older firmware (git-fixes).
- wifi: iwlwifi: debug: fix crash in __iwl_err() (git-fixes).
- wifi: iwlwifi: fix duplicate entry in iwl_dev_info_table (git-fixes).
- wifi: iwlwifi: fw: fix memory leak in debugfs (git-fixes).
- wifi: iwlwifi: fw: move memset before early return (git-fixes).
- wifi: iwlwifi: make the loop for card preparation effective (git-fixes).
- wifi: iwlwifi: mvm: check firmware response size (git-fixes).
- wifi: iwlwifi: mvm: do not set CHECKSUM_COMPLETE for unsupported protocols (git-fixes).
- wifi: iwlwifi: mvm: fix mvmtxq->stopped handling (git-fixes).
- wifi: iwlwifi: mvm: initialize seq variable (git-fixes).
- wifi: iwlwifi: trans: do not trigger d3 interrupt twice (git-fixes).
- wifi: iwlwifi: yoyo: Fix possible division by zero (git-fixes).
- wifi: iwlwifi: yoyo: skip dump correctly on hw error (git-fixes).
- wifi: mac80211: adjust scan cancel comment/check (git-fixes).
- wifi: mt76: add missing locking to protect against concurrent rx/status calls (git-fixes).
- wifi: mt76: fix 6GHz high channel not be scanned (git-fixes).
- wifi: mt76: handle failure of vzalloc in mt7615_coredump_work (git-fixes).
- wifi: mwifiex: mark OF related data as maybe unused (git-fixes).
- wifi: rt2x00: Fix memory leak when handling surveys (git-fixes).
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg() (git-fixes).
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg() (git-fixes).
- wifi: rtw88: mac: Return the original error from rtw_mac_power_switch() (git-fixes).
- wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser() (git-fixes).
- wifi: rtw89: fix potential race condition between napi_init and napi_enable (git-fixes).
- writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs (bsc#1210769).
- x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails (git-fixes).
- x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot (git-fixes).
- x86/bug: Prevent shadowing in __WARN_FLAGS (git-fixes).
- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).
- x86/entry: Avoid very early RET (git-fixes).
- x86/entry: Do not call error_entry() for XENPV (git-fixes).
- x86/entry: Move CLD to the start of the idtentry macro (git-fixes).
- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (git-fixes).
- x86/entry: Switch the stack after error_entry() returns (git-fixes).
- x86/fpu: Prevent FPU state corruption (git-fixes).
- x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume (git-fixes).
- x86/msi: Fix msi message data shadow struct (git-fixes).
- x86/pci/xen: Disable PCI/MSI masking for XEN_HVM guests (git-fixes).
- x86/traps: Use pt_regs directly in fixup_bad_iret() (git-fixes).
- x86/tsx: Disable TSX development mode at boot (git-fixes).
- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).
- xhci: fix debugfs register accesses while suspended (git-fixes).
Patchnames
SUSE-2023-2231,SUSE-SLE-Micro-5.3-2023-2231,SUSE-SLE-Micro-5.4-2023-2231,SUSE-SLE-Module-Live-Patching-15-SP4-2023-2231,SUSE-SLE-Module-RT-15-SP4-2023-2231,openSUSE-Leap-Micro-5.3-2023-2231,openSUSE-SLE-15.4-2023-2231
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2235: A use-after-free vulnerability in the Performance Events system can be exploited to achieve local privilege escalation (bsc#1210986).\n- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).\n- CVE-2023-23006: Fixed NULL checking against IS_ERR in dr_domain_init_resources (bsc#1208845).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).\n- CVE-2023-0386: A flaw was found where unauthorized access to the execution of the setuid file with capabilities was found in the OverlayFS subsystem, when a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allowed a local user to escalate their privileges on the system (bsc#1209615).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-2019: A flaw was found in the netdevsim device driver, more specifically within the scheduling of events. This issue results from the improper management of a reference count and may lead to a denial of service (bsc#1210454).\n- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Disable FIE if registers in PCC regions (bsc#1210953).\n- ACPI: VIOT: Initialize the correct IOMMU fwspec (git-fixes).\n- ACPI: resource: Add Medion S17413 to IRQ override quirk (git-fixes).\n- ALSA: emu10k1: do not create old pass-through playback device on Audigy (git-fixes).\n- ALSA: emu10k1: fix capture interrupt handler unlinking (git-fixes).\n- ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() (git-fixes).\n- ALSA: hda/cirrus: Add extra 10 ms delay to allow PLL settle and lock (git-fixes).\n- ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2 (git-fixes).\n- ALSA: hda/realtek: Enable mute/micmute LEDs and speaker support for HP Laptops (git-fixes).\n- ALSA: hda/realtek: Remove specific patch for Dell Precision 3260 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).\n- ALSA: hda/realtek: fix speaker, mute/micmute LEDs not work on a HP platform (git-fixes).\n- ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard (git-fixes).\n- ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards (git-fixes).\n- ALSA: hda: cs35l41: Enable Amp High Pass Filter (git-fixes).\n- ALSA: hda: patch_realtek: add quirk for Asus N7601ZM (git-fixes).\n- ALSA: i2c/cs8427: fix iec958 mixer control deactivation (git-fixes).\n- ARM: 9290/1: uaccess: Fix KASAN false-positives (git-fixes).\n- ARM: dts: exynos: fix WM8960 clock name in Itop Elite (git-fixes).\n- ARM: dts: gta04: fix excess dma channel usage (git-fixes).\n- ARM: dts: qcom: ipq4019: Fix the PCI I/O port range (git-fixes).\n- ARM: dts: rockchip: fix a typo error for rk3288 spdif node (git-fixes).\n- ARM: dts: s5pv210: correct MIPI CSIS clock name (git-fixes).\n- ASN.1: Fix check for strdup() success (git-fixes).\n- ASoC: cs35l41: Only disable internal boost (git-fixes).\n- ASoC: es8316: Handle optional IRQ assignment (git-fixes).\n- ASoC: fsl_asrc_dma: fix potential null-ptr-deref (git-fixes).\n- ASoC: fsl_mqs: move of_node_put() to the correct location (git-fixes).\n- Add 42a11bf5c543 cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly\n- Add eee878537941 cgroup/cpuset: Add cpuset_can_fork() and cpuset_cancel_fork() methods\n- Bluetooth: Fix race condition in hidp_session_thread (git-fixes).\n- Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (git-fixes).\n- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).\n- IB/mlx5: Add support for 400G_8X lane speed (git-fixes)\n- Input: hp_sdc_rtc - mark an unused function as __maybe_unused (git-fixes).\n- Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe (git-fixes).\n- KEYS: Add missing function documentation (git-fixes).\n- KEYS: Create static version of public_key_verify_signature (git-fixes).\n- NFS: Cleanup unused rpc_clnt variable (git-fixes).\n- NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL (git-fixes).\n- NFSD: callback request does not use correct credential for AUTH_SYS (git-fixes).\n- PCI/EDR: Clear Device Status after EDR error recovery (git-fixes).\n- PCI: dwc: Fix PORT_LINK_CONTROL update when CDM check enabled (git-fixes).\n- PCI: imx6: Install the fault handler only on compatible match (git-fixes).\n- PCI: loongson: Add more devices that need MRRS quirk (git-fixes).\n- PCI: loongson: Prevent LS7A MRRS increases (git-fixes).\n- PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).\n- PCI: qcom: Fix the incorrect register usage in v2.7.0 config (git-fixes).\n- RDMA/cma: Allow UD qp_type to join multicast only (git-fixes)\n- RDMA/core: Fix GID entry ref leak when create_ah fails (git-fixes)\n- RDMA/irdma: Add ipv4 check to irdma_find_listener() (git-fixes)\n- RDMA/irdma: Fix memory leak of PBLE objects (git-fixes)\n- RDMA/irdma: Increase iWARP CM default rexmit count (git-fixes)\n- Remove obsolete KMP obsoletes (bsc#1210469).\n- Revert 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' (git-fixes).\n- Revert 'pinctrl: amd: Disable and mask interrupts on resume' (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).\n- USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).\n- USB: serial: option: add Quectel RM500U-CN modem (git-fixes).\n- USB: serial: option: add Telit FE990 compositions (git-fixes).\n- USB: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).\n- amdgpu: disable powerpc support for the newer display engine (bsc#1194869).\n- arm64: dts: imx8mm-evk: correct pmic clock source (git-fixes).\n- arm64: dts: meson-g12-common: specify full DMC range (git-fixes).\n- arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node (git-fixes).\n- arm64: dts: qcom: ipq8074: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator (git-fixes).\n- arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994 regulator (git-fixes).\n- arm64: dts: qcom: msm8996: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name (git-fixes).\n- arm64: dts: qcom: msm8998: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply (git-fixes).\n- arm64: dts: qcom: sdm845: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: sm8250: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table (git-fixes).\n- arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table (git-fixes).\n- arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property (git-fixes).\n- arm64: enable jump-label jump-label was disabled on arm64 by a backport error.\n- bluetooth: Perform careful capability checks in hci_sock_ioctl() (git-fixes).\n- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- clk: add missing of_node_put() in 'assigned-clocks' property parsing (git-fixes).\n- clk: at91: clk-sam9x60-pll: fix return value check (git-fixes).\n- clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent (git-fixes).\n- clk: sprd: set max_register according to mapping range (git-fixes).\n- clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails (git-fixes).\n- config: arm64: enable ERRATUM_843419 Config option was incorrectly replaced by the rt-refresh-configs script\n- cpufreq: CPPC: Fix build error without CONFIG_ACPI_CPPC_CPUFREQ_FIE (bsc#1210953).\n- cpufreq: CPPC: Fix performance/frequency conversion (git-fixes).\n- cpumask: fix incorrect cpumask scanning result checks (bsc#1210943).\n- crypto: caam - Clear some memory in instantiate_rng (git-fixes).\n- crypto: drbg - Only fail when jent is unavailable in FIPS mode (git-fixes).\n- crypto: sa2ul - Select CRYPTO_DES (git-fixes).\n- crypto: safexcel - Cleanup ring IRQ workqueues on load failure (git-fixes).\n- driver core: Do not require dynamic_debug for initcall_debug probe timing (git-fixes).\n- drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() (git-fixes).\n- drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler() (git-fixes).\n- drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known override-init warnings (git-fixes).\n- drm/amd/display: Fix potential null dereference (git-fixes).\n- drm/amdgpu: Re-enable DCN for 64-bit powerpc (bsc#1194869).\n- drm/armada: Fix a potential double free in an error handling path (git-fixes).\n- drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535 (git-fixes).\n- drm/bridge: lt8912b: Fix DSI Video Mode (git-fixes).\n- drm/bridge: lt9611: Fix PLL being unable to lock (git-fixes).\n- drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var (git-fixes).\n- drm/i915/dsi: fix DSS CTL register offsets for TGL+ (git-fixes).\n- drm/i915: Fix fast wake AUX sync len (git-fixes).\n- drm/i915: Make intel_get_crtc_new_encoder() less oopsy (git-fixes).\n- drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (git-fixes).\n- drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe() (git-fixes).\n- drm/msm/adreno: drop bogus pm_runtime_set_active() (git-fixes).\n- drm/msm/disp/dpu: check for crtc enable rather than crtc active to release shared resources (git-fixes).\n- drm/msm: fix NULL-deref on snapshot tear down (git-fixes).\n- drm/nouveau/disp: Support more modes by checking with lower bpc (git-fixes).\n- drm/panel: otm8009a: Set backlight parent to panel device (git-fixes).\n- drm/probe-helper: Cancel previous job before starting new one (git-fixes).\n- drm/rockchip: Drop unbalanced obj unref (git-fixes).\n- drm/vgem: add missing mutex_destroy (git-fixes).\n- drm: msm: adreno: Disable preemption on Adreno 510 (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F (git-fixes).\n- drm: rcar-du: Fix a NULL vs IS_ERR() bug (git-fixes).\n- dt-bindings: arm: fsl: Fix copy-paste error in comment (git-fixes).\n- dt-bindings: iio: ti,tmp117: fix documentation link (git-fixes).\n- dt-bindings: mailbox: qcom,apcs-kpss-global: fix SDX55 'if' match (git-fixes).\n- dt-bindings: nvmem: qcom,spmi-sdam: fix example 'reg' property (git-fixes).\n- dt-bindings: remoteproc: stm32-rproc: Typo fix (git-fixes).\n- dt-bindings: soc: qcom: smd-rpm: re-add missing qcom,rpm-msm8994 (git-fixes).\n- e1000e: Disable TSO on i219-LM card to increase speed (git-fixes).\n- efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L (git-fixes).\n- ext4: Fix deadlock during directory rename (bsc#1210763).\n- ext4: Fix possible corruption when moving a directory (bsc#1210763).\n- ext4: fix RENAME_WHITEOUT handling for inline directories (bsc#1210766).\n- ext4: fix another off-by-one fsmap error on 1k block filesystems (bsc#1210767).\n- ext4: fix bad checksum after online resize (bsc#1210762 bsc#1208076).\n- ext4: fix cgroup writeback accounting with fs-layer encryption (bsc#1210765).\n- ext4: fix corruption when online resizing a 1K bigalloc fs (bsc#1206891).\n- ext4: fix incorrect options show of original mount_opt and extend mount_opt2 (bsc#1210764).\n- ext4: fix possible double unlock when moving a directory (bsc#1210763).\n- ext4: use ext4_journal_start/stop for fast commit transactions (bsc#1210793).\n- fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace (git-fixes).\n- firmware: qcom_scm: Clear download bit during reboot (git-fixes).\n- firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe (git-fixes).\n- fpga: bridge: fix kernel-doc parameter description (git-fixes).\n- hwmon: (adt7475) Use device_property APIs when configuring polarity (git-fixes).\n- hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write (git-fixes).\n- hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E (git-fixes).\n- i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path (git-fixes).\n- i2c: hisi: Avoid redundant interrupts (git-fixes).\n- i2c: imx-lpi2c: clean rx/tx buffers upon new message (git-fixes).\n- i2c: ocores: generate stop condition after timeout in polling mode (git-fixes).\n- i915/perf: Replace DRM_DEBUG with driver specific drm_dbg call (git-fixes).\n- ice: avoid bonding causing auxiliary plug/unplug under RTNL lock (bsc#1210158).\n- iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() (git-fixes).\n- iio: light: tsl2772: fix reading proximity-diodes from device tree (git-fixes).\n- ipmi: fix SSIF not responding under certain cond (git-fixes).\n- ipmi:ssif: Add send_retries increment (git-fixes).\n- k-m-s: Drop Linux 2.6 support\n- kABI: PCI: loongson: Prevent LS7A MRRS increases (kabi).\n- kABI: x86/msi: Fix msi message data shadow struct (kabi).\n- kabi/severities: ignore KABI for NVMe target (bsc#1174777) The target code is only for testing and there are no external users.\n- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).\n- locking/rwbase: Mitigate indefinite writer starvation.\n- media: av7110: prevent underflow in write_ts_to_decoder() (git-fixes).\n- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (git-fixes).\n- media: max9286: Free control handler (git-fixes).\n- media: rc: gpio-ir-recv: Fix support for wake-up (git-fixes).\n- media: rkvdec: fix use after free bug in rkvdec_remove (git-fixes).\n- media: saa7134: fix use after free bug in saa7134_finidev due to race condition (git-fixes).\n- media: venus: dec: Fix handling of the start cmd (git-fixes).\n- memstick: fix memory leak if card device is never registered (git-fixes).\n- mm/filemap: fix page end in filemap_get_read_batch (bsc#1210768).\n- mm: page_alloc: skip regions with hugetlbfs pages when allocating 1G pages (bsc#1210034).\n- mm: take a page reference when removing device exclusive entries (bsc#1211025).\n- mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data (git-fixes).\n- mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25 (git-fixes).\n- mtd: core: fix error path for nvmem provider (git-fixes).\n- mtd: core: fix nvmem error reporting (git-fixes).\n- mtd: core: provide unique name for nvmem device, take two (git-fixes).\n- mtd: spi-nor: Fix a trivial typo (git-fixes).\n- net: phy: nxp-c45-tja11xx: add remove callback (git-fixes).\n- net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow (git-fixes).\n- nfsd: call op_release, even when op_func returns an error (git-fixes).\n- nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() (git-fixes).\n- nilfs2: initialize unused bytes in segment summary blocks (git-fixes).\n- nvme initialize core quirks before calling nvme_init_subsystem (git-fixes).\n- nvme-auth: uninitialized variable in nvme_auth_transform_key() (git-fixes).\n- nvme-fcloop: fix 'inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage' (git-fixes).\n- nvme-hwmon: consistently ignore errors from nvme_hwmon_init (git-fixes).\n- nvme-hwmon: kmalloc the NVME SMART log buffer (git-fixes).\n- nvme-multipath: fix possible hang in live ns resize with ANA access (git-fixes).\n- nvme-pci: fix doorbell buffer value endianness (git-fixes).\n- nvme-pci: fix mempool alloc size (git-fixes).\n- nvme-pci: fix page size checks (git-fixes).\n- nvme-pci: fix timeout request state check (git-fixes).\n- nvme-rdma: fix possible hang caused during ctrl deletion (git-fixes).\n- nvme-tcp: fix possible circular locking when deleting a controller under memory pressure (git-fixes).\n- nvme-tcp: fix possible hang caused during ctrl deletion (git-fixes).\n- nvme-tcp: fix regression that causes sporadic requests to time out (git-fixes).\n- nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices (git-fixes).\n- nvme: add device name to warning in uuid_show() (git-fixes).\n- nvme: catch -ENODEV from nvme_revalidate_zones again (git-fixes).\n- nvme: copy firmware_rev on each init (git-fixes).\n- nvme: define compat_ioctl again to unbreak 32-bit userspace (git-fixes).\n- nvme: fix async event trace event (git-fixes).\n- nvme: fix handling single range discard request (git-fixes).\n- nvme: fix per-namespace chardev deletion (git-fixes).\n- nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition (git-fixes).\n- nvme: fix the read-only state for zoned namespaces with unsupposed features (git-fixes).\n- nvme: improve the NVME_CONNECT_AUTHREQ* definitions (git-fixes).\n- nvme: move nvme_multi_css into nvme.h (git-fixes).\n- nvme: return err on nvme_init_non_mdts_limits fail (git-fixes).\n- nvme: send Identify with CNS 06h only to I/O controllers (bsc#1209693).\n- nvme: set dma alignment to dword (git-fixes).\n- nvme: use command_id instead of req->tag in trace_nvme_complete_rq() (git-fixes).\n- nvmet-auth: do not try to cancel a non-initialized work_struct (git-fixes).\n- nvmet-tcp: fix incomplete data digest send (git-fixes).\n- nvmet-tcp: fix regression in data_digest calculation (git-fixes).\n- nvmet: add helpers to set the result field for connect commands (git-fixes).\n- nvmet: avoid potential UAF in nvmet_req_complete() (git-fixes).\n- nvmet: do not defer passthrough commands with trivial effects to the workqueue (git-fixes).\n- nvmet: fix I/O Command Set specific Identify Controller (git-fixes).\n- nvmet: fix Identify Active Namespace ID list handling (git-fixes).\n- nvmet: fix Identify Controller handling (git-fixes).\n- nvmet: fix Identify Namespace handling (git-fixes).\n- nvmet: fix a memory leak (git-fixes).\n- nvmet: fix a memory leak in nvmet_auth_set_key (git-fixes).\n- nvmet: fix a use-after-free (git-fixes).\n- nvmet: fix invalid memory reference in nvmet_subsys_attr_qid_max_show (git-fixes).\n- nvmet: force reconnect when number of queue changes (git-fixes).\n- nvmet: looks at the passthrough controller when initializing CAP (git-fixes).\n- nvmet: only allocate a single slab for bvecs (git-fixes).\n- nvmet: use IOCB_NOWAIT only if the filesystem supports it (git-fixes).\n- perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output (git fixes).\n- perf/core: Fix the same task check in perf_event_set_output (git fixes).\n- perf: Fix check before add_event_to_groups() in perf_group_detach() (git fixes).\n- perf: fix perf_event_context->time (git fixes).\n- platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2 (git-fixes).\n- platform/x86: gigabyte-wmi: add support for X570S AORUS ELITE (git-fixes).\n- power: supply: cros_usbpd: reclassify 'default case!' as debug (git-fixes).\n- power: supply: generic-adc-battery: fix unit scaling (git-fixes).\n- powerpc/64: Always build with 128-bit long double (bsc#1194869).\n- powerpc/64e: Fix amdgpu build on Book3E w/o AltiVec (bsc#1194869).\n- powerpc/hv-gpci: Fix hv_gpci event list (git fixes).\n- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/perf/hv-24x7: add missing RTAS retry status handling (git fixes).\n- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc: declare unmodified attribute_group usages const (git-fixes).\n- regulator: core: Avoid lockdep reports when resolving supplies (git-fixes).\n- regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow() (git-fixes).\n- regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since booted (git-fixes).\n- regulator: fan53555: Explicitly include bits header (git-fixes).\n- regulator: fan53555: Fix wrong TCS_SLEW_MASK (git-fixes).\n- regulator: stm32-pwr: fix of_iomap leak (git-fixes).\n- remoteproc: Harden rproc_handle_vdev() against integer overflow (git-fixes).\n- remoteproc: imx_rproc: Call of_node_put() on iteration error (git-fixes).\n- remoteproc: st: Call of_node_put() on iteration error (git-fixes).\n- remoteproc: stm32: Call of_node_put() on iteration error (git-fixes).\n- rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time (git-fixes).\n- rtc: omap: include header for omap_rtc_power_off_program prototype (git-fixes).\n- sched/fair: Fix imbalance overflow (bsc#1155798 (CPU scheduler functional and performance backports)).\n- sched/fair: Limit sched slice duration (bsc#1189999 (Scheduler functional and performance backports)).\n- sched/fair: Move calculate of avg_load to a better location (bsc#1155798 (CPU scheduler functional and performance backports)).\n- sched/fair: Sanitize vruntime of entity being migrated (bsc#1203325).\n- sched/fair: sanitize vruntime of entity being placed (bsc#1203325).\n- sched/numa: Stop an exhastive search if an idle core is found (bsc#1189999 (Scheduler functional and performance backports)).\n- sched_getaffinity: do not assume 'cpumask_size()' is fully initialized (bsc#1155798 (CPU scheduler functional and performance backports)).\n- scsi: aic94xx: Add missing check for dma_map_single() (git-fixes).\n- scsi: core: Add BLIST_NO_VPD_SIZE for some VDASD (git-fixes bsc#1203039) (renamed now that it's upstgream)\n- scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR (git-fixes).\n- scsi: core: Fix a procfs host directory removal regression (git-fixes).\n- scsi: core: Fix a source code comment (git-fixes).\n- scsi: core: Remove the /proc/scsi/${proc_name} directory earlier (git-fixes).\n- scsi: hisi_sas: Check devm_add_action() return value (git-fixes).\n- scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id (git-fixes).\n- scsi: ipr: Work around fortify-string warning (git-fixes).\n- scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() (git-fixes).\n- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (git-fixes).\n- scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (git-fixes).\n- scsi: kABI workaround for fc_host_fpin_rcv (git-fixes).\n- scsi: libsas: Remove useless dev_list delete in sas_ex_discover_end_dev() (git-fixes).\n- scsi: lpfc: Avoid usage of list iterator variable after loop (git-fixes).\n- scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() (git-fixes).\n- scsi: lpfc: Copyright updates for 14.2.0.11 patches (bsc#1210943).\n- scsi: lpfc: Correct used_rpi count when devloss tmo fires with no recovery (bsc#1210943).\n- scsi: lpfc: Defer issuing new PLOGI if received RSCN before completing REG_LOGIN (bsc#1210943).\n- scsi: lpfc: Drop redundant pci_enable_pcie_error_reporting() (bsc#1210943).\n- scsi: lpfc: Fix double word in comments (bsc#1210943).\n- scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() (bsc#1210943).\n- scsi: lpfc: Fix lockdep warning for rx_monitor lock when unloading driver (bsc#1210943).\n- scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow (bsc#1210943).\n- scsi: lpfc: Record LOGO state with discovery engine even if aborted (bsc#1210943).\n- scsi: lpfc: Reorder freeing of various DMA buffers and their list removal (bsc#1210943).\n- scsi: lpfc: Revise lpfc_error_lost_link() reason code evaluation logic (bsc#1210943).\n- scsi: lpfc: Silence an incorrect device output (bsc#1210943).\n- scsi: lpfc: Skip waiting for register ready bits when in unrecoverable state (bsc#1210943).\n- scsi: lpfc: Update lpfc version to 14.2.0.11 (bsc#1210943).\n- scsi: megaraid_sas: Fix crash after a double completion (git-fixes).\n- scsi: megaraid_sas: Update max supported LD IDs to 240 (git-fixes).\n- scsi: mpt3sas: Do not print sense pool info twice (git-fixes).\n- scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() (git-fixes).\n- scsi: mpt3sas: Fix a memory leak (git-fixes).\n- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).\n- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).\n- scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (git-fixes).\n- scsi: scsi_transport_fc: Add an additional flag to fc_host_fpin_rcv() (bsc#1210943).\n- scsi: sd: Fix wrong zone_write_granularity value during revalidate (git-fixes).\n- scsi: ses: Do not attach if enclosure has no components (git-fixes).\n- scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses (git-fixes).\n- scsi: ses: Fix possible desc_ptr out-of-bounds accesses (git-fixes).\n- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() (git-fixes).\n- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() (git-fixes).\n- scsi: snic: Fix memory leak with using debugfs_lookup() (git-fixes).\n- seccomp: Move copy_seccomp() to no failure path (bsc#1210817).\n- selftests/kselftest/runner/run_one(): allow running non-executable files (git-fixes).\n- selftests: sigaltstack: fix -Wuninitialized (git-fixes).\n- selinux: ensure av_permissions.h is built when needed (git-fixes).\n- selinux: fix Makefile dependencies of flask.h (git-fixes).\n- serial: 8250: Add missing wakeup event reporting (git-fixes).\n- serial: 8250_bcm7271: Fix arbitration handling (git-fixes).\n- serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards (git-fixes).\n- serial: exar: Add support for Sealevel 7xxxC serial cards (git-fixes).\n- signal handling: do not use BUG_ON() for debugging (bsc#1210439).\n- signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed (bsc#1210816).\n- signal: Do not always set SA_IMMUTABLE for forced signals (bsc#1210816).\n- signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE (bsc#1210816).\n- soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe (git-fixes).\n- spi: cadence-quadspi: fix suspend-resume implementations (git-fixes).\n- spi: fsl-spi: Fix CPM/QE mode Litte Endian (git-fixes).\n- spi: qup: Do not skip cleanup in remove's error path (git-fixes).\n- staging: iio: resolver: ads1210: fix config mode (git-fixes).\n- staging: rtl8192e: Fix W_DISABLE# does not work after stop/start (git-fixes).\n- stat: fix inconsistency between struct stat and struct compat_stat (git-fixes).\n- sunrpc: only free unix grouplist after RCU settles (git-fixes).\n- supported.conf: declaring usb_f_ncm supported as requested in (jsc#PED-3750) Support for the legacy functionality g_ncm is still under discussion (see jsc-PED#3200) For maintainance see (jsc#PED-3759)\n- supported.conf: support u_ether and libcomposite (jsc-PED#3750) This is necessary for g_ncm (for maintainance see jsc-PED#3759)\n- tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH (git-fixes).\n- tty: serial: fsl_lpuart: adjust buffer length to the intended size (git-fixes).\n- udf: Check consistency of Space Bitmap Descriptor (bsc#1210771).\n- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).\n- udf: Support splicing to file (bsc#1210770).\n- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).\n- usb: chipidea: imx: avoid unnecessary probe defer (git-fixes).\n- usb: dwc3: gadget: Change condition for processing suspend event (git-fixes).\n- usb: dwc3: pci: add support for the Intel Meteor Lake-S (git-fixes).\n- usb: gadget: tegra-xudc: Fix crash in vbus_draw (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition (git-fixes).\n- usb: host: xhci-rcar: remove leftover quirk handling (git-fixes).\n- virt/coco/sev-guest: Add throttling awareness (bsc#1209927).\n- virt/coco/sev-guest: Carve out the request issuing logic into a helper (bsc#1209927).\n- virt/coco/sev-guest: Check SEV_SNP attribute at probe time (bsc#1209927).\n- virt/coco/sev-guest: Convert the sw_exit_info_2 checking to a switch-case (bsc#1209927).\n- virt/coco/sev-guest: Do some code style cleanups (bsc#1209927).\n- virt/coco/sev-guest: Remove the disable_vmpck label in handle_guest_request() (bsc#1209927).\n- virt/coco/sev-guest: Simplify extended guest request handling (bsc#1209927).\n- virt/sev-guest: Return -EIO if certificate buffer is not large enough (bsc#1209927).\n- virtio_ring: do not update event idx on get_buf (git-fixes).\n- vmci_host: fix a race condition in vmci_host_poll() causing GPF (git-fixes).\n- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).\n- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).\n- wifi: ath6kl: minor fix for allocation size (git-fixes).\n- wifi: ath6kl: reduce WARN to dev_dbg() in callback (git-fixes).\n- wifi: ath9k: hif_usb: fix memory leak of remain_skbs (git-fixes).\n- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (git-fixes).\n- wifi: brcmfmac: support CQM RSSI notification with older firmware (git-fixes).\n- wifi: iwlwifi: debug: fix crash in __iwl_err() (git-fixes).\n- wifi: iwlwifi: fix duplicate entry in iwl_dev_info_table (git-fixes).\n- wifi: iwlwifi: fw: fix memory leak in debugfs (git-fixes).\n- wifi: iwlwifi: fw: move memset before early return (git-fixes).\n- wifi: iwlwifi: make the loop for card preparation effective (git-fixes).\n- wifi: iwlwifi: mvm: check firmware response size (git-fixes).\n- wifi: iwlwifi: mvm: do not set CHECKSUM_COMPLETE for unsupported protocols (git-fixes).\n- wifi: iwlwifi: mvm: fix mvmtxq->stopped handling (git-fixes).\n- wifi: iwlwifi: mvm: initialize seq variable (git-fixes).\n- wifi: iwlwifi: trans: do not trigger d3 interrupt twice (git-fixes).\n- wifi: iwlwifi: yoyo: Fix possible division by zero (git-fixes).\n- wifi: iwlwifi: yoyo: skip dump correctly on hw error (git-fixes).\n- wifi: mac80211: adjust scan cancel comment/check (git-fixes).\n- wifi: mt76: add missing locking to protect against concurrent rx/status calls (git-fixes).\n- wifi: mt76: fix 6GHz high channel not be scanned (git-fixes).\n- wifi: mt76: handle failure of vzalloc in mt7615_coredump_work (git-fixes).\n- wifi: mwifiex: mark OF related data as maybe unused (git-fixes).\n- wifi: rt2x00: Fix memory leak when handling surveys (git-fixes).\n- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg() (git-fixes).\n- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg() (git-fixes).\n- wifi: rtw88: mac: Return the original error from rtw_mac_power_switch() (git-fixes).\n- wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser() (git-fixes).\n- wifi: rtw89: fix potential race condition between napi_init and napi_enable (git-fixes).\n- writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs (bsc#1210769).\n- x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails (git-fixes).\n- x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot (git-fixes).\n- x86/bug: Prevent shadowing in __WARN_FLAGS (git-fixes).\n- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).\n- x86/entry: Avoid very early RET (git-fixes).\n- x86/entry: Do not call error_entry() for XENPV (git-fixes).\n- x86/entry: Move CLD to the start of the idtentry macro (git-fixes).\n- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (git-fixes).\n- x86/entry: Switch the stack after error_entry() returns (git-fixes).\n- x86/fpu: Prevent FPU state corruption (git-fixes).\n- x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume (git-fixes).\n- x86/msi: Fix msi message data shadow struct (git-fixes).\n- x86/pci/xen: Disable PCI/MSI masking for XEN_HVM guests (git-fixes).\n- x86/traps: Use pt_regs directly in fixup_bad_iret() (git-fixes).\n- x86/tsx: Disable TSX development mode at boot (git-fixes).\n- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).\n- xhci: fix debugfs register accesses while suspended (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2231,SUSE-SLE-Micro-5.3-2023-2231,SUSE-SLE-Micro-5.4-2023-2231,SUSE-SLE-Module-Live-Patching-15-SP4-2023-2231,SUSE-SLE-Module-RT-15-SP4-2023-2231,openSUSE-Leap-Micro-5.3-2023-2231,openSUSE-SLE-15.4-2023-2231", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2231-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2231-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232231-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2231-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029435.html", }, { category: "self", summary: "SUSE Bug 1142685", url: "https://bugzilla.suse.com/1142685", }, { category: "self", summary: "SUSE Bug 1155798", url: "https://bugzilla.suse.com/1155798", }, { category: "self", summary: "SUSE Bug 1174777", url: "https://bugzilla.suse.com/1174777", }, { category: "self", summary: "SUSE Bug 1189999", url: "https://bugzilla.suse.com/1189999", }, { category: "self", summary: "SUSE Bug 1194869", url: "https://bugzilla.suse.com/1194869", }, { category: "self", summary: "SUSE Bug 1203039", url: "https://bugzilla.suse.com/1203039", }, { category: "self", summary: "SUSE Bug 1203325", url: "https://bugzilla.suse.com/1203325", }, { category: "self", summary: "SUSE Bug 1206649", url: "https://bugzilla.suse.com/1206649", }, { category: "self", summary: "SUSE Bug 1206891", url: "https://bugzilla.suse.com/1206891", }, { category: "self", summary: "SUSE Bug 1206992", url: "https://bugzilla.suse.com/1206992", }, { category: "self", summary: "SUSE Bug 1207088", url: "https://bugzilla.suse.com/1207088", }, { category: "self", summary: "SUSE Bug 1208076", url: "https://bugzilla.suse.com/1208076", }, { category: "self", summary: "SUSE Bug 1208845", url: "https://bugzilla.suse.com/1208845", }, { category: "self", summary: "SUSE Bug 1209615", url: "https://bugzilla.suse.com/1209615", }, { category: "self", summary: "SUSE Bug 1209693", url: "https://bugzilla.suse.com/1209693", }, { category: "self", summary: "SUSE Bug 1209739", url: "https://bugzilla.suse.com/1209739", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1209927", url: "https://bugzilla.suse.com/1209927", }, { category: "self", summary: "SUSE Bug 1209999", url: "https://bugzilla.suse.com/1209999", }, { category: "self", summary: "SUSE Bug 1210034", url: "https://bugzilla.suse.com/1210034", }, { category: "self", summary: "SUSE Bug 1210158", url: "https://bugzilla.suse.com/1210158", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210206", url: "https://bugzilla.suse.com/1210206", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210439", url: "https://bugzilla.suse.com/1210439", }, { category: "self", summary: "SUSE Bug 1210453", url: "https://bugzilla.suse.com/1210453", }, { category: "self", summary: "SUSE Bug 1210454", url: "https://bugzilla.suse.com/1210454", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210629", url: "https://bugzilla.suse.com/1210629", }, { category: "self", summary: "SUSE Bug 1210725", url: "https://bugzilla.suse.com/1210725", }, { category: "self", summary: "SUSE Bug 1210762", url: "https://bugzilla.suse.com/1210762", }, { category: "self", summary: "SUSE Bug 1210763", url: "https://bugzilla.suse.com/1210763", }, { category: "self", summary: "SUSE Bug 1210764", url: "https://bugzilla.suse.com/1210764", }, { category: "self", summary: "SUSE Bug 1210765", url: "https://bugzilla.suse.com/1210765", }, { category: "self", summary: "SUSE Bug 1210766", url: "https://bugzilla.suse.com/1210766", }, { category: "self", summary: "SUSE Bug 1210767", url: "https://bugzilla.suse.com/1210767", }, { category: "self", summary: "SUSE Bug 1210768", url: "https://bugzilla.suse.com/1210768", }, { category: "self", summary: "SUSE Bug 1210769", url: "https://bugzilla.suse.com/1210769", }, { category: "self", summary: "SUSE Bug 1210770", url: "https://bugzilla.suse.com/1210770", }, { category: "self", summary: "SUSE Bug 1210771", url: "https://bugzilla.suse.com/1210771", }, { category: "self", summary: "SUSE Bug 1210793", url: "https://bugzilla.suse.com/1210793", }, { category: "self", summary: "SUSE Bug 1210816", url: "https://bugzilla.suse.com/1210816", }, { category: "self", summary: "SUSE Bug 1210817", url: "https://bugzilla.suse.com/1210817", }, { category: "self", summary: "SUSE Bug 1210827", url: "https://bugzilla.suse.com/1210827", }, { category: "self", summary: "SUSE Bug 1210943", url: "https://bugzilla.suse.com/1210943", }, { category: "self", summary: "SUSE Bug 1210953", url: "https://bugzilla.suse.com/1210953", }, { category: "self", summary: "SUSE Bug 1210986", url: "https://bugzilla.suse.com/1210986", }, { category: "self", summary: "SUSE Bug 1211025", url: "https://bugzilla.suse.com/1211025", }, { category: "self", summary: "SUSE CVE CVE-2022-2196 page", url: "https://www.suse.com/security/cve/CVE-2022-2196/", }, { category: "self", summary: "SUSE CVE CVE-2023-0386 page", url: "https://www.suse.com/security/cve/CVE-2023-0386/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2008 page", url: "https://www.suse.com/security/cve/CVE-2023-2008/", }, { category: "self", summary: "SUSE CVE CVE-2023-2019 page", url: "https://www.suse.com/security/cve/CVE-2023-2019/", }, { category: "self", summary: "SUSE CVE CVE-2023-2176 page", url: "https://www.suse.com/security/cve/CVE-2023-2176/", }, { category: "self", summary: "SUSE CVE CVE-2023-2235 page", url: "https://www.suse.com/security/cve/CVE-2023-2235/", }, { category: "self", summary: "SUSE CVE CVE-2023-23006 page", url: "https://www.suse.com/security/cve/CVE-2023-23006/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-17T08:08:29Z", generator: { date: "2023-05-17T08:08:29Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2231-1", initial_release_date: "2023-05-17T08:08:29Z", revision_history: [ { date: "2023-05-17T08:08:29Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-5.14.21-150400.15.28.1.noarch", product: { name: "kernel-devel-rt-5.14.21-150400.15.28.1.noarch", product_id: "kernel-devel-rt-5.14.21-150400.15.28.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-5.14.21-150400.15.28.1.noarch", product: { name: "kernel-source-rt-5.14.21-150400.15.28.1.noarch", product_id: "kernel-source-rt-5.14.21-150400.15.28.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", product: { name: "cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", product_id: "cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", product: { name: "dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", product_id: "dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", product: { name: "gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", product_id: "gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", product: { name: "kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", product_id: "kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", }, }, { category: "product_version", name: "kernel-rt-5.14.21-150400.15.28.2.x86_64", product: { name: "kernel-rt-5.14.21-150400.15.28.2.x86_64", product_id: "kernel-rt-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", product: { name: "kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", product_id: "kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-rt-extra-5.14.21-150400.15.28.2.x86_64", product: { name: "kernel-rt-extra-5.14.21-150400.15.28.2.x86_64", product_id: "kernel-rt-extra-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-5.14.21-150400.15.28.2.x86_64", product: { name: "kernel-rt-livepatch-5.14.21-150400.15.28.2.x86_64", product_id: "kernel-rt-livepatch-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-devel-5.14.21-150400.15.28.2.x86_64", product: { name: "kernel-rt-livepatch-devel-5.14.21-150400.15.28.2.x86_64", product_id: "kernel-rt-livepatch-devel-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-rt-optional-5.14.21-150400.15.28.2.x86_64", product: { name: "kernel-rt-optional-5.14.21-150400.15.28.2.x86_64", product_id: "kernel-rt-optional-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", product: { name: "kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", product_id: "kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", product: { name: "kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", product_id: "kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-livepatch-devel-5.14.21-150400.15.28.2.x86_64", product: { name: "kernel-rt_debug-livepatch-devel-5.14.21-150400.15.28.2.x86_64", product_id: "kernel-rt_debug-livepatch-devel-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", product: { name: "kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", product_id: "kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt-5.14.21-150400.15.28.2.x86_64", product: { name: "kselftests-kmp-rt-5.14.21-150400.15.28.2.x86_64", product_id: "kselftests-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", product: { name: "ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", product_id: "ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt-5.14.21-150400.15.28.2.x86_64", product: { name: "reiserfs-kmp-rt-5.14.21-150400.15.28.2.x86_64", product_id: "reiserfs-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Micro 5.3", product: { name: "SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.4", product: { name: "SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15 SP4", product: { name: "SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15:sp4", }, }, }, { category: "product_name", name: "SUSE Real Time Module 15 SP4", product: { name: "SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-rt:15:sp4", }, }, }, { category: "product_name", name: "openSUSE Leap Micro 5.3", product: { name: "openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap-micro:5.3", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-rt-5.14.21-150400.15.28.2.x86_64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.14.21-150400.15.28.2.x86_64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", }, product_reference: "kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-5.14.21-150400.15.28.1.noarch as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", }, product_reference: "kernel-devel-rt-5.14.21-150400.15.28.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.14.21-150400.15.28.2.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-5.14.21-150400.15.28.2.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-5.14.21-150400.15.28.2.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-5.14.21-150400.15.28.1.noarch as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", }, product_reference: "kernel-source-rt-5.14.21-150400.15.28.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-5.14.21-150400.15.28.1.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", }, product_reference: "kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64 as component of SUSE Real Time Module 15 SP4", product_id: "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.14.21-150400.15.28.2.x86_64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-5.14.21-150400.15.28.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", }, product_reference: "kernel-devel-rt-5.14.21-150400.15.28.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.14.21-150400.15.28.2.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-5.14.21-150400.15.28.2.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-5.14.21-150400.15.28.2.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", }, product_reference: "kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-5.14.21-150400.15.28.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", }, product_reference: "kernel-source-rt-5.14.21-150400.15.28.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-5.14.21-150400.15.28.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", }, product_reference: "kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", }, product_reference: "ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-2196", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2196", }, ], notes: [ { category: "general", text: "A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2196", url: "https://www.suse.com/security/cve/CVE-2022-2196", }, { category: "external", summary: "SUSE Bug 1206992 for CVE-2022-2196", url: "https://bugzilla.suse.com/1206992", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "moderate", }, ], title: "CVE-2022-2196", }, { cve: "CVE-2023-0386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0386", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel's OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0386", url: "https://www.suse.com/security/cve/CVE-2023-0386", }, { category: "external", summary: "SUSE Bug 1209615 for CVE-2023-0386", url: "https://bugzilla.suse.com/1209615", }, { category: "external", summary: "SUSE Bug 1210499 for CVE-2023-0386", url: "https://bugzilla.suse.com/1210499", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "important", }, ], title: "CVE-2023-0386", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2008", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2008", url: "https://www.suse.com/security/cve/CVE-2023-2008", }, { category: "external", summary: "SUSE Bug 1210453 for CVE-2023-2008", url: "https://bugzilla.suse.com/1210453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "moderate", }, ], title: "CVE-2023-2008", }, { cve: "CVE-2023-2019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2019", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2019", url: "https://www.suse.com/security/cve/CVE-2023-2019", }, { category: "external", summary: "SUSE Bug 1210454 for CVE-2023-2019", url: "https://bugzilla.suse.com/1210454", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "moderate", }, ], title: "CVE-2023-2019", }, { cve: "CVE-2023-2176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2176", }, ], notes: [ { category: "general", text: "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2176", url: "https://www.suse.com/security/cve/CVE-2023-2176", }, { category: "external", summary: "SUSE Bug 1210629 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210629", }, { category: "external", summary: "SUSE Bug 1210630 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210630", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2176", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "important", }, ], title: "CVE-2023-2176", }, { cve: "CVE-2023-2235", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2235", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation.\n\nThe perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability.\n\nWe recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2235", url: "https://www.suse.com/security/cve/CVE-2023-2235", }, { category: "external", summary: "SUSE Bug 1210986 for CVE-2023-2235", url: "https://bugzilla.suse.com/1210986", }, { category: "external", summary: "SUSE Bug 1210987 for CVE-2023-2235", url: "https://bugzilla.suse.com/1210987", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "important", }, ], title: "CVE-2023-2235", }, { cve: "CVE-2023-23006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-23006", }, ], notes: [ { category: "general", text: "In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-23006", url: "https://www.suse.com/security/cve/CVE-2023-23006", }, { category: "external", summary: "SUSE Bug 1208845 for CVE-2023-23006", url: "https://bugzilla.suse.com/1208845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "moderate", }, ], title: "CVE-2023-23006", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_15_28-rt-1-150400.1.5.2.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "SUSE Real Time Module 15 SP4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "SUSE Real Time Module 15 SP4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "SUSE Real Time Module 15 SP4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:dlm-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:gfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-devel-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-rt_debug-devel-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap 15.4:kernel-source-rt-5.14.21-150400.15.28.1.noarch", "openSUSE Leap 15.4:kernel-syms-rt-5.14.21-150400.15.28.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-rt-5.14.21-150400.15.28.2.x86_64", "openSUSE Leap Micro 5.3:kernel-rt-5.14.21-150400.15.28.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-17T08:08:29Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2140-1
Vulnerability from csaf_suse
Published
2023-05-09 12:28
Modified
2023-05-09 12:28
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2235: A use-after-free vulnerability in the Performance Events system can be exploited to achieve local privilege escalation (bsc#1210986).
- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
- CVE-2023-23006: Fixed NULL checking against IS_ERR in dr_domain_init_resources (bsc#1208845).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
- CVE-2023-0386: A flaw was found where unauthorized access to the execution of the setuid file with capabilities was found in the OverlayFS subsystem, when a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allowed a local user to escalate their privileges on the system (bsc#1209615).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-2019: A flaw was found in the netdevsim device driver, more specifically within the scheduling of events. This issue results from the improper management of a reference count and may lead to a denial of service (bsc#1210454).
- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
The following non-security bugs were fixed:
- ACPI: CPPC: Disable FIE if registers in PCC regions (bsc#1210953).
- ACPI: VIOT: Initialize the correct IOMMU fwspec (git-fixes).
- ACPI: resource: Add Medion S17413 to IRQ override quirk (git-fixes).
- ALSA: emu10k1: do not create old pass-through playback device on Audigy (git-fixes).
- ALSA: emu10k1: fix capture interrupt handler unlinking (git-fixes).
- ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() (git-fixes).
- ALSA: hda/cirrus: Add extra 10 ms delay to allow PLL settle and lock (git-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2 (git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and speaker support for HP Laptops (git-fixes).
- ALSA: hda/realtek: Remove specific patch for Dell Precision 3260 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
- ALSA: hda/realtek: fix speaker, mute/micmute LEDs not work on a HP platform (git-fixes).
- ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard (git-fixes).
- ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards (git-fixes).
- ALSA: hda: cs35l41: Enable Amp High Pass Filter (git-fixes).
- ALSA: hda: patch_realtek: add quirk for Asus N7601ZM (git-fixes).
- ALSA: i2c/cs8427: fix iec958 mixer control deactivation (git-fixes).
- ARM: 9290/1: uaccess: Fix KASAN false-positives (git-fixes).
- ARM: dts: exynos: fix WM8960 clock name in Itop Elite (git-fixes).
- ARM: dts: gta04: fix excess dma channel usage (git-fixes).
- ARM: dts: qcom: ipq4019: Fix the PCI I/O port range (git-fixes).
- ARM: dts: rockchip: fix a typo error for rk3288 spdif node (git-fixes).
- ARM: dts: s5pv210: correct MIPI CSIS clock name (git-fixes).
- ASN.1: Fix check for strdup() success (git-fixes).
- ASoC: cs35l41: Only disable internal boost (git-fixes).
- ASoC: es8316: Handle optional IRQ assignment (git-fixes).
- ASoC: fsl_asrc_dma: fix potential null-ptr-deref (git-fixes).
- ASoC: fsl_mqs: move of_node_put() to the correct location (git-fixes).
- Bluetooth: Fix race condition in hidp_session_thread (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (git-fixes).
- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
- IB/mlx5: Add support for 400G_8X lane speed (git-fixes)
- Input: hp_sdc_rtc - mark an unused function as __maybe_unused (git-fixes).
- Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe (git-fixes).
- KEYS: Add missing function documentation (git-fixes).
- KEYS: Create static version of public_key_verify_signature (git-fixes).
- NFS: Cleanup unused rpc_clnt variable (git-fixes).
- NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL (git-fixes).
- NFSD: callback request does not use correct credential for AUTH_SYS (git-fixes).
- PCI/EDR: Clear Device Status after EDR error recovery (git-fixes).
- PCI: dwc: Fix PORT_LINK_CONTROL update when CDM check enabled (git-fixes).
- PCI: imx6: Install the fault handler only on compatible match (git-fixes).
- PCI: loongson: Add more devices that need MRRS quirk (git-fixes).
- PCI: loongson: Prevent LS7A MRRS increases (git-fixes).
- PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).
- PCI: qcom: Fix the incorrect register usage in v2.7.0 config (git-fixes).
- RDMA/cma: Allow UD qp_type to join multicast only (git-fixes)
- RDMA/core: Fix GID entry ref leak when create_ah fails (git-fixes)
- RDMA/irdma: Add ipv4 check to irdma_find_listener() (git-fixes)
- RDMA/irdma: Fix memory leak of PBLE objects (git-fixes)
- RDMA/irdma: Increase iWARP CM default rexmit count (git-fixes)
- Remove obsolete KMP obsoletes (bsc#1210469).
- Revert 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' (git-fixes).
- Revert 'pinctrl: amd: Disable and mask interrupts on resume' (git-fixes).
- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).
- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).
- USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).
- USB: serial: option: add Quectel RM500U-CN modem (git-fixes).
- USB: serial: option: add Telit FE990 compositions (git-fixes).
- USB: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).
- amdgpu: disable powerpc support for the newer display engine (bsc#1194869).
- arm64: dts: imx8mm-evk: correct pmic clock source (git-fixes).
- arm64: dts: meson-g12-common: specify full DMC range (git-fixes).
- arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node (git-fixes).
- arm64: dts: qcom: ipq8074: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator (git-fixes).
- arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994 regulator (git-fixes).
- arm64: dts: qcom: msm8996: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name (git-fixes).
- arm64: dts: qcom: msm8998: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply (git-fixes).
- arm64: dts: qcom: sdm845: Fix the PCI I/O port range (git-fixes).
- arm64: dts: qcom: sm8250: Fix the PCI I/O port range (git-fixes).
- arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table (git-fixes).
- arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table (git-fixes).
- arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property (git-fixes).
- bluetooth: Perform careful capability checks in hci_sock_ioctl() (git-fixes).
- cgroup/cpuset: Add cpuset_can_fork() and cpuset_cancel_fork() methods
- cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly
- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).
- cifs: fix negotiate context parsing (bsc#1210301).
- clk: add missing of_node_put() in 'assigned-clocks' property parsing (git-fixes).
- clk: at91: clk-sam9x60-pll: fix return value check (git-fixes).
- clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent (git-fixes).
- clk: sprd: set max_register according to mapping range (git-fixes).
- clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails (git-fixes).
- cpufreq: CPPC: Fix build error without CONFIG_ACPI_CPPC_CPUFREQ_FIE (bsc#1210953).
- cpufreq: CPPC: Fix performance/frequency conversion (git-fixes).
- cpumask: fix incorrect cpumask scanning result checks (bsc#1210943).
- crypto: caam - Clear some memory in instantiate_rng (git-fixes).
- crypto: drbg - Only fail when jent is unavailable in FIPS mode (git-fixes).
- crypto: sa2ul - Select CRYPTO_DES (git-fixes).
- crypto: safexcel - Cleanup ring IRQ workqueues on load failure (git-fixes).
- driver core: Do not require dynamic_debug for initcall_debug probe timing (git-fixes).
- drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() (git-fixes).
- drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler() (git-fixes).
- drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known override-init warnings (git-fixes).
- drm/amd/display: Fix potential null dereference (git-fixes).
- drm/amdgpu: Re-enable DCN for 64-bit powerpc (bsc#1194869).
- drm/armada: Fix a potential double free in an error handling path (git-fixes).
- drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535 (git-fixes).
- drm/bridge: lt8912b: Fix DSI Video Mode (git-fixes).
- drm/bridge: lt9611: Fix PLL being unable to lock (git-fixes).
- drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var (git-fixes).
- drm/i915/dsi: fix DSS CTL register offsets for TGL+ (git-fixes).
- drm/i915: Fix fast wake AUX sync len (git-fixes).
- drm/i915: Make intel_get_crtc_new_encoder() less oopsy (git-fixes).
- drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (git-fixes).
- drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe() (git-fixes).
- drm/msm/adreno: drop bogus pm_runtime_set_active() (git-fixes).
- drm/msm/disp/dpu: check for crtc enable rather than crtc active to release shared resources (git-fixes).
- drm/msm: fix NULL-deref on snapshot tear down (git-fixes).
- drm/nouveau/disp: Support more modes by checking with lower bpc (git-fixes).
- drm/panel: otm8009a: Set backlight parent to panel device (git-fixes).
- drm/probe-helper: Cancel previous job before starting new one (git-fixes).
- drm/rockchip: Drop unbalanced obj unref (git-fixes).
- drm/vgem: add missing mutex_destroy (git-fixes).
- drm: msm: adreno: Disable preemption on Adreno 510 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F (git-fixes).
- drm: rcar-du: Fix a NULL vs IS_ERR() bug (git-fixes).
- dt-bindings: arm: fsl: Fix copy-paste error in comment (git-fixes).
- dt-bindings: iio: ti,tmp117: fix documentation link (git-fixes).
- dt-bindings: mailbox: qcom,apcs-kpss-global: fix SDX55 'if' match (git-fixes).
- dt-bindings: nvmem: qcom,spmi-sdam: fix example 'reg' property (git-fixes).
- dt-bindings: remoteproc: stm32-rproc: Typo fix (git-fixes).
- dt-bindings: soc: qcom: smd-rpm: re-add missing qcom,rpm-msm8994 (git-fixes).
- e1000e: Disable TSO on i219-LM card to increase speed (git-fixes).
- efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L (git-fixes).
- ext4: Fix deadlock during directory rename (bsc#1210763).
- ext4: Fix possible corruption when moving a directory (bsc#1210763).
- ext4: fix RENAME_WHITEOUT handling for inline directories (bsc#1210766).
- ext4: fix another off-by-one fsmap error on 1k block filesystems (bsc#1210767).
- ext4: fix bad checksum after online resize (bsc#1210762 bsc#1208076).
- ext4: fix cgroup writeback accounting with fs-layer encryption (bsc#1210765).
- ext4: fix corruption when online resizing a 1K bigalloc fs (bsc#1206891).
- ext4: fix incorrect options show of original mount_opt and extend mount_opt2 (bsc#1210764).
- ext4: fix possible double unlock when moving a directory (bsc#1210763).
- ext4: use ext4_journal_start/stop for fast commit transactions (bsc#1210793).
- fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace (git-fixes).
- firmware: qcom_scm: Clear download bit during reboot (git-fixes).
- firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe (git-fixes).
- fpga: bridge: fix kernel-doc parameter description (git-fixes).
- hwmon: (adt7475) Use device_property APIs when configuring polarity (git-fixes).
- hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write (git-fixes).
- hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E (git-fixes).
- i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path (git-fixes).
- i2c: hisi: Avoid redundant interrupts (git-fixes).
- i2c: imx-lpi2c: clean rx/tx buffers upon new message (git-fixes).
- i2c: ocores: generate stop condition after timeout in polling mode (git-fixes).
- i915/perf: Replace DRM_DEBUG with driver specific drm_dbg call (git-fixes).
- ice: avoid bonding causing auxiliary plug/unplug under RTNL lock (bsc#1210158).
- iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() (git-fixes).
- iio: light: tsl2772: fix reading proximity-diodes from device tree (git-fixes).
- ipmi: fix SSIF not responding under certain cond (git-fixes).
- ipmi:ssif: Add send_retries increment (git-fixes).
- k-m-s: Drop Linux 2.6 support
- kABI: PCI: loongson: Prevent LS7A MRRS increases (kabi).
- kABI: x86/msi: Fix msi message data shadow struct (kabi).
- kabi/severities: ignore KABI for NVMe target (bsc#1174777).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- locking/rwbase: Mitigate indefinite writer starvation.
- media: av7110: prevent underflow in write_ts_to_decoder() (git-fixes).
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (git-fixes).
- media: max9286: Free control handler (git-fixes).
- media: rc: gpio-ir-recv: Fix support for wake-up (git-fixes).
- media: rkvdec: fix use after free bug in rkvdec_remove (git-fixes).
- media: saa7134: fix use after free bug in saa7134_finidev due to race condition (git-fixes).
- media: venus: dec: Fix handling of the start cmd (git-fixes).
- memstick: fix memory leak if card device is never registered (git-fixes).
- mm/filemap: fix page end in filemap_get_read_batch (bsc#1210768).
- mm: page_alloc: skip regions with hugetlbfs pages when allocating 1G pages (bsc#1210034).
- mm: take a page reference when removing device exclusive entries (bsc#1211025).
- mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data (git-fixes).
- mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25 (git-fixes).
- mtd: core: fix error path for nvmem provider (git-fixes).
- mtd: core: fix nvmem error reporting (git-fixes).
- mtd: core: provide unique name for nvmem device, take two (git-fixes).
- mtd: spi-nor: Fix a trivial typo (git-fixes).
- net: phy: nxp-c45-tja11xx: add remove callback (git-fixes).
- net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow (git-fixes).
- nfsd: call op_release, even when op_func returns an error (git-fixes).
- nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() (git-fixes).
- nilfs2: initialize unused bytes in segment summary blocks (git-fixes).
- nvme initialize core quirks before calling nvme_init_subsystem (git-fixes).
- nvme-auth: uninitialized variable in nvme_auth_transform_key() (git-fixes).
- nvme-fcloop: fix 'inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage' (git-fixes).
- nvme-hwmon: consistently ignore errors from nvme_hwmon_init (git-fixes).
- nvme-hwmon: kmalloc the NVME SMART log buffer (git-fixes).
- nvme-multipath: fix possible hang in live ns resize with ANA access (git-fixes).
- nvme-pci: fix doorbell buffer value endianness (git-fixes).
- nvme-pci: fix mempool alloc size (git-fixes).
- nvme-pci: fix page size checks (git-fixes).
- nvme-pci: fix timeout request state check (git-fixes).
- nvme-rdma: fix possible hang caused during ctrl deletion (git-fixes).
- nvme-tcp: fix possible circular locking when deleting a controller under memory pressure (git-fixes).
- nvme-tcp: fix possible hang caused during ctrl deletion (git-fixes).
- nvme-tcp: fix regression that causes sporadic requests to time out (git-fixes).
- nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices (git-fixes).
- nvme: add device name to warning in uuid_show() (git-fixes).
- nvme: catch -ENODEV from nvme_revalidate_zones again (git-fixes).
- nvme: copy firmware_rev on each init (git-fixes).
- nvme: define compat_ioctl again to unbreak 32-bit userspace (git-fixes).
- nvme: fix async event trace event (git-fixes).
- nvme: fix handling single range discard request (git-fixes).
- nvme: fix per-namespace chardev deletion (git-fixes).
- nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition (git-fixes).
- nvme: fix the read-only state for zoned namespaces with unsupposed features (git-fixes).
- nvme: improve the NVME_CONNECT_AUTHREQ* definitions (git-fixes).
- nvme: move nvme_multi_css into nvme.h (git-fixes).
- nvme: return err on nvme_init_non_mdts_limits fail (git-fixes).
- nvme: send Identify with CNS 06h only to I/O controllers (bsc#1209693).
- nvme: set dma alignment to dword (git-fixes).
- nvme: use command_id instead of req->tag in trace_nvme_complete_rq() (git-fixes).
- nvmet-auth: do not try to cancel a non-initialized work_struct (git-fixes).
- nvmet-tcp: fix incomplete data digest send (git-fixes).
- nvmet-tcp: fix regression in data_digest calculation (git-fixes).
- nvmet: add helpers to set the result field for connect commands (git-fixes).
- nvmet: avoid potential UAF in nvmet_req_complete() (git-fixes).
- nvmet: do not defer passthrough commands with trivial effects to the workqueue (git-fixes).
- nvmet: fix I/O Command Set specific Identify Controller (git-fixes).
- nvmet: fix Identify Active Namespace ID list handling (git-fixes).
- nvmet: fix Identify Controller handling (git-fixes).
- nvmet: fix Identify Namespace handling (git-fixes).
- nvmet: fix a memory leak (git-fixes).
- nvmet: fix a memory leak in nvmet_auth_set_key (git-fixes).
- nvmet: fix a use-after-free (git-fixes).
- nvmet: fix invalid memory reference in nvmet_subsys_attr_qid_max_show (git-fixes).
- nvmet: force reconnect when number of queue changes (git-fixes).
- nvmet: looks at the passthrough controller when initializing CAP (git-fixes).
- nvmet: only allocate a single slab for bvecs (git-fixes).
- nvmet: use IOCB_NOWAIT only if the filesystem supports it (git-fixes).
- perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output (git fixes).
- perf/core: Fix the same task check in perf_event_set_output (git fixes).
- perf: Fix check before add_event_to_groups() in perf_group_detach() (git fixes).
- perf: fix perf_event_context->time (git fixes).
- platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2 (git-fixes).
- platform/x86: gigabyte-wmi: add support for X570S AORUS ELITE (git-fixes).
- power: supply: cros_usbpd: reclassify 'default case!' as debug (git-fixes).
- power: supply: generic-adc-battery: fix unit scaling (git-fixes).
- powerpc/64: Always build with 128-bit long double (bsc#1194869).
- powerpc/64e: Fix amdgpu build on Book3E w/o AltiVec (bsc#1194869).
- powerpc/hv-gpci: Fix hv_gpci event list (git fixes).
- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc/perf/hv-24x7: add missing RTAS retry status handling (git fixes).
- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
- powerpc: declare unmodified attribute_group usages const (git-fixes).
- regulator: core: Avoid lockdep reports when resolving supplies (git-fixes).
- regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow() (git-fixes).
- regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since booted (git-fixes).
- regulator: fan53555: Explicitly include bits header (git-fixes).
- regulator: fan53555: Fix wrong TCS_SLEW_MASK (git-fixes).
- regulator: stm32-pwr: fix of_iomap leak (git-fixes).
- remoteproc: Harden rproc_handle_vdev() against integer overflow (git-fixes).
- remoteproc: imx_rproc: Call of_node_put() on iteration error (git-fixes).
- remoteproc: st: Call of_node_put() on iteration error (git-fixes).
- remoteproc: stm32: Call of_node_put() on iteration error (git-fixes).
- rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time (git-fixes).
- rtc: omap: include header for omap_rtc_power_off_program prototype (git-fixes).
- sched/fair: Fix imbalance overflow (bsc#1155798).
- sched/fair: Limit sched slice duration (bsc#1189999).
- sched/fair: Move calculate of avg_load to a better location (bsc#1155798).
- sched/fair: Sanitize vruntime of entity being migrated (bsc#1203325).
- sched/fair: sanitize vruntime of entity being placed (bsc#1203325).
- sched/numa: Stop an exhastive search if an idle core is found (bsc#1189999).
- sched_getaffinity: do not assume 'cpumask_size()' is fully initialized (bsc#1155798).
- scsi: aic94xx: Add missing check for dma_map_single() (git-fixes).
- scsi: core: Add BLIST_NO_VPD_SIZE for some VDASD (git-fixes bsc#1203039).
- scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR (git-fixes).
- scsi: core: Fix a procfs host directory removal regression (git-fixes).
- scsi: core: Fix a source code comment (git-fixes).
- scsi: core: Remove the /proc/scsi/${proc_name} directory earlier (git-fixes).
- scsi: hisi_sas: Check devm_add_action() return value (git-fixes).
- scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id (git-fixes).
- scsi: ipr: Work around fortify-string warning (git-fixes).
- scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() (git-fixes).
- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (git-fixes).
- scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (git-fixes).
- scsi: kABI workaround for fc_host_fpin_rcv (git-fixes).
- scsi: libsas: Remove useless dev_list delete in sas_ex_discover_end_dev() (git-fixes).
- scsi: lpfc: Avoid usage of list iterator variable after loop (git-fixes).
- scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() (git-fixes).
- scsi: lpfc: Copyright updates for 14.2.0.11 patches (bsc#1210943).
- scsi: lpfc: Correct used_rpi count when devloss tmo fires with no recovery (bsc#1210943).
- scsi: lpfc: Defer issuing new PLOGI if received RSCN before completing REG_LOGIN (bsc#1210943).
- scsi: lpfc: Drop redundant pci_enable_pcie_error_reporting() (bsc#1210943).
- scsi: lpfc: Fix double word in comments (bsc#1210943).
- scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() (bsc#1210943).
- scsi: lpfc: Fix lockdep warning for rx_monitor lock when unloading driver (bsc#1210943).
- scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow (bsc#1210943).
- scsi: lpfc: Record LOGO state with discovery engine even if aborted (bsc#1210943).
- scsi: lpfc: Reorder freeing of various DMA buffers and their list removal (bsc#1210943).
- scsi: lpfc: Revise lpfc_error_lost_link() reason code evaluation logic (bsc#1210943).
- scsi: lpfc: Silence an incorrect device output (bsc#1210943).
- scsi: lpfc: Skip waiting for register ready bits when in unrecoverable state (bsc#1210943).
- scsi: lpfc: Update lpfc version to 14.2.0.11 (bsc#1210943).
- scsi: megaraid_sas: Fix crash after a double completion (git-fixes).
- scsi: megaraid_sas: Update max supported LD IDs to 240 (git-fixes).
- scsi: mpt3sas: Do not print sense pool info twice (git-fixes).
- scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() (git-fixes).
- scsi: mpt3sas: Fix a memory leak (git-fixes).
- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).
- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).
- scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (git-fixes).
- scsi: scsi_transport_fc: Add an additional flag to fc_host_fpin_rcv() (bsc#1210943).
- scsi: sd: Fix wrong zone_write_granularity value during revalidate (git-fixes).
- scsi: ses: Do not attach if enclosure has no components (git-fixes).
- scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses (git-fixes).
- scsi: ses: Fix possible desc_ptr out-of-bounds accesses (git-fixes).
- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() (git-fixes).
- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() (git-fixes).
- scsi: snic: Fix memory leak with using debugfs_lookup() (git-fixes).
- seccomp: Move copy_seccomp() to no failure path (bsc#1210817).
- selftests/kselftest/runner/run_one(): allow running non-executable files (git-fixes).
- selftests: sigaltstack: fix -Wuninitialized (git-fixes).
- selinux: ensure av_permissions.h is built when needed (git-fixes).
- selinux: fix Makefile dependencies of flask.h (git-fixes).
- serial: 8250: Add missing wakeup event reporting (git-fixes).
- serial: 8250_bcm7271: Fix arbitration handling (git-fixes).
- serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards (git-fixes).
- serial: exar: Add support for Sealevel 7xxxC serial cards (git-fixes).
- signal handling: do not use BUG_ON() for debugging (bsc#1210439).
- signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed (bsc#1210816).
- signal: Do not always set SA_IMMUTABLE for forced signals (bsc#1210816).
- signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE (bsc#1210816).
- soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe (git-fixes).
- spi: cadence-quadspi: fix suspend-resume implementations (git-fixes).
- spi: fsl-spi: Fix CPM/QE mode Litte Endian (git-fixes).
- spi: qup: Do not skip cleanup in remove's error path (git-fixes).
- staging: iio: resolver: ads1210: fix config mode (git-fixes).
- staging: rtl8192e: Fix W_DISABLE# does not work after stop/start (git-fixes).
- stat: fix inconsistency between struct stat and struct compat_stat (git-fixes).
- sunrpc: only free unix grouplist after RCU settles (git-fixes).
- tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH (git-fixes).
- tty: serial: fsl_lpuart: adjust buffer length to the intended size (git-fixes).
- udf: Check consistency of Space Bitmap Descriptor (bsc#1210771).
- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).
- udf: Support splicing to file (bsc#1210770).
- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).
- usb: chipidea: imx: avoid unnecessary probe defer (git-fixes).
- usb: dwc3: gadget: Change condition for processing suspend event (git-fixes).
- usb: dwc3: pci: add support for the Intel Meteor Lake-S (git-fixes).
- usb: gadget: tegra-xudc: Fix crash in vbus_draw (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition (git-fixes).
- usb: host: xhci-rcar: remove leftover quirk handling (git-fixes).
- virt/coco/sev-guest: Add throttling awareness (bsc#1209927).
- virt/coco/sev-guest: Carve out the request issuing logic into a helper (bsc#1209927).
- virt/coco/sev-guest: Check SEV_SNP attribute at probe time (bsc#1209927).
- virt/coco/sev-guest: Convert the sw_exit_info_2 checking to a switch-case (bsc#1209927).
- virt/coco/sev-guest: Do some code style cleanups (bsc#1209927).
- virt/coco/sev-guest: Remove the disable_vmpck label in handle_guest_request() (bsc#1209927).
- virt/coco/sev-guest: Simplify extended guest request handling (bsc#1209927).
- virt/sev-guest: Return -EIO if certificate buffer is not large enough (bsc#1209927).
- virtio_ring: do not update event idx on get_buf (git-fixes).
- vmci_host: fix a race condition in vmci_host_poll() causing GPF (git-fixes).
- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).
- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).
- wifi: ath6kl: minor fix for allocation size (git-fixes).
- wifi: ath6kl: reduce WARN to dev_dbg() in callback (git-fixes).
- wifi: ath9k: hif_usb: fix memory leak of remain_skbs (git-fixes).
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (git-fixes).
- wifi: brcmfmac: support CQM RSSI notification with older firmware (git-fixes).
- wifi: iwlwifi: debug: fix crash in __iwl_err() (git-fixes).
- wifi: iwlwifi: fix duplicate entry in iwl_dev_info_table (git-fixes).
- wifi: iwlwifi: fw: fix memory leak in debugfs (git-fixes).
- wifi: iwlwifi: fw: move memset before early return (git-fixes).
- wifi: iwlwifi: make the loop for card preparation effective (git-fixes).
- wifi: iwlwifi: mvm: check firmware response size (git-fixes).
- wifi: iwlwifi: mvm: do not set CHECKSUM_COMPLETE for unsupported protocols (git-fixes).
- wifi: iwlwifi: mvm: fix mvmtxq->stopped handling (git-fixes).
- wifi: iwlwifi: mvm: initialize seq variable (git-fixes).
- wifi: iwlwifi: trans: do not trigger d3 interrupt twice (git-fixes).
- wifi: iwlwifi: yoyo: Fix possible division by zero (git-fixes).
- wifi: iwlwifi: yoyo: skip dump correctly on hw error (git-fixes).
- wifi: mac80211: adjust scan cancel comment/check (git-fixes).
- wifi: mt76: add missing locking to protect against concurrent rx/status calls (git-fixes).
- wifi: mt76: fix 6GHz high channel not be scanned (git-fixes).
- wifi: mt76: handle failure of vzalloc in mt7615_coredump_work (git-fixes).
- wifi: mwifiex: mark OF related data as maybe unused (git-fixes).
- wifi: rt2x00: Fix memory leak when handling surveys (git-fixes).
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg() (git-fixes).
- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg() (git-fixes).
- wifi: rtw88: mac: Return the original error from rtw_mac_power_switch() (git-fixes).
- wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser() (git-fixes).
- wifi: rtw89: fix potential race condition between napi_init and napi_enable (git-fixes).
- writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs (bsc#1210769).
- x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails (git-fixes).
- x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot (git-fixes).
- x86/bug: Prevent shadowing in __WARN_FLAGS (git-fixes).
- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).
- x86/entry: Avoid very early RET (git-fixes).
- x86/entry: Do not call error_entry() for XENPV (git-fixes).
- x86/entry: Move CLD to the start of the idtentry macro (git-fixes).
- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (git-fixes).
- x86/entry: Switch the stack after error_entry() returns (git-fixes).
- x86/fpu: Prevent FPU state corruption (git-fixes).
- x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume (git-fixes).
- x86/msi: Fix msi message data shadow struct (git-fixes).
- x86/pci/xen: Disable PCI/MSI masking for XEN_HVM guests (git-fixes).
- x86/traps: Use pt_regs directly in fixup_bad_iret() (git-fixes).
- x86/tsx: Disable TSX development mode at boot (git-fixes).
- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).
- xhci: fix debugfs register accesses while suspended (git-fixes).
kernel-default-base changed:
- Do not ship on s390x (bsc#1210729)
- Add exfat (bsc#1208822)
- Add _diag modules for included socket types (bsc#1204042)
Patchnames
SUSE-2023-2140,SUSE-SLE-Micro-5.3-2023-2140,SUSE-SLE-Micro-5.4-2023-2140,SUSE-SLE-Module-Basesystem-15-SP4-2023-2140,SUSE-SLE-Module-Development-Tools-15-SP4-2023-2140,SUSE-SLE-Module-Legacy-15-SP4-2023-2140,SUSE-SLE-Module-Live-Patching-15-SP4-2023-2140,SUSE-SLE-Product-HA-15-SP4-2023-2140,SUSE-SLE-Product-WE-15-SP4-2023-2140,openSUSE-Leap-Micro-5.3-2023-2140,openSUSE-SLE-15.4-2023-2140
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2235: A use-after-free vulnerability in the Performance Events system can be exploited to achieve local privilege escalation (bsc#1210986).\n- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).\n- CVE-2023-23006: Fixed NULL checking against IS_ERR in dr_domain_init_resources (bsc#1208845).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).\n- CVE-2023-0386: A flaw was found where unauthorized access to the execution of the setuid file with capabilities was found in the OverlayFS subsystem, when a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allowed a local user to escalate their privileges on the system (bsc#1209615).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-2019: A flaw was found in the netdevsim device driver, more specifically within the scheduling of events. This issue results from the improper management of a reference count and may lead to a denial of service (bsc#1210454).\n- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Disable FIE if registers in PCC regions (bsc#1210953).\n- ACPI: VIOT: Initialize the correct IOMMU fwspec (git-fixes).\n- ACPI: resource: Add Medion S17413 to IRQ override quirk (git-fixes).\n- ALSA: emu10k1: do not create old pass-through playback device on Audigy (git-fixes).\n- ALSA: emu10k1: fix capture interrupt handler unlinking (git-fixes).\n- ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() (git-fixes).\n- ALSA: hda/cirrus: Add extra 10 ms delay to allow PLL settle and lock (git-fixes).\n- ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2 (git-fixes).\n- ALSA: hda/realtek: Enable mute/micmute LEDs and speaker support for HP Laptops (git-fixes).\n- ALSA: hda/realtek: Remove specific patch for Dell Precision 3260 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).\n- ALSA: hda/realtek: fix speaker, mute/micmute LEDs not work on a HP platform (git-fixes).\n- ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard (git-fixes).\n- ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards (git-fixes).\n- ALSA: hda: cs35l41: Enable Amp High Pass Filter (git-fixes).\n- ALSA: hda: patch_realtek: add quirk for Asus N7601ZM (git-fixes).\n- ALSA: i2c/cs8427: fix iec958 mixer control deactivation (git-fixes).\n- ARM: 9290/1: uaccess: Fix KASAN false-positives (git-fixes).\n- ARM: dts: exynos: fix WM8960 clock name in Itop Elite (git-fixes).\n- ARM: dts: gta04: fix excess dma channel usage (git-fixes).\n- ARM: dts: qcom: ipq4019: Fix the PCI I/O port range (git-fixes).\n- ARM: dts: rockchip: fix a typo error for rk3288 spdif node (git-fixes).\n- ARM: dts: s5pv210: correct MIPI CSIS clock name (git-fixes).\n- ASN.1: Fix check for strdup() success (git-fixes).\n- ASoC: cs35l41: Only disable internal boost (git-fixes).\n- ASoC: es8316: Handle optional IRQ assignment (git-fixes).\n- ASoC: fsl_asrc_dma: fix potential null-ptr-deref (git-fixes).\n- ASoC: fsl_mqs: move of_node_put() to the correct location (git-fixes).\n- Bluetooth: Fix race condition in hidp_session_thread (git-fixes).\n- Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (git-fixes).\n- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).\n- IB/mlx5: Add support for 400G_8X lane speed (git-fixes)\n- Input: hp_sdc_rtc - mark an unused function as __maybe_unused (git-fixes).\n- Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe (git-fixes).\n- KEYS: Add missing function documentation (git-fixes).\n- KEYS: Create static version of public_key_verify_signature (git-fixes).\n- NFS: Cleanup unused rpc_clnt variable (git-fixes).\n- NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL (git-fixes).\n- NFSD: callback request does not use correct credential for AUTH_SYS (git-fixes).\n- PCI/EDR: Clear Device Status after EDR error recovery (git-fixes).\n- PCI: dwc: Fix PORT_LINK_CONTROL update when CDM check enabled (git-fixes).\n- PCI: imx6: Install the fault handler only on compatible match (git-fixes).\n- PCI: loongson: Add more devices that need MRRS quirk (git-fixes).\n- PCI: loongson: Prevent LS7A MRRS increases (git-fixes).\n- PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).\n- PCI: qcom: Fix the incorrect register usage in v2.7.0 config (git-fixes).\n- RDMA/cma: Allow UD qp_type to join multicast only (git-fixes)\n- RDMA/core: Fix GID entry ref leak when create_ah fails (git-fixes)\n- RDMA/irdma: Add ipv4 check to irdma_find_listener() (git-fixes)\n- RDMA/irdma: Fix memory leak of PBLE objects (git-fixes)\n- RDMA/irdma: Increase iWARP CM default rexmit count (git-fixes)\n- Remove obsolete KMP obsoletes (bsc#1210469).\n- Revert 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' (git-fixes).\n- Revert 'pinctrl: amd: Disable and mask interrupts on resume' (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).\n- USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).\n- USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).\n- USB: serial: option: add Quectel RM500U-CN modem (git-fixes).\n- USB: serial: option: add Telit FE990 compositions (git-fixes).\n- USB: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).\n- amdgpu: disable powerpc support for the newer display engine (bsc#1194869).\n- arm64: dts: imx8mm-evk: correct pmic clock source (git-fixes).\n- arm64: dts: meson-g12-common: specify full DMC range (git-fixes).\n- arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node (git-fixes).\n- arm64: dts: qcom: ipq8074: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator (git-fixes).\n- arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994 regulator (git-fixes).\n- arm64: dts: qcom: msm8996: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name (git-fixes).\n- arm64: dts: qcom: msm8998: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply (git-fixes).\n- arm64: dts: qcom: sdm845: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: qcom: sm8250: Fix the PCI I/O port range (git-fixes).\n- arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table (git-fixes).\n- arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table (git-fixes).\n- arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property (git-fixes).\n- bluetooth: Perform careful capability checks in hci_sock_ioctl() (git-fixes).\n- cgroup/cpuset: Add cpuset_can_fork() and cpuset_cancel_fork() methods\n- cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly\n- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1210827).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- clk: add missing of_node_put() in 'assigned-clocks' property parsing (git-fixes).\n- clk: at91: clk-sam9x60-pll: fix return value check (git-fixes).\n- clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent (git-fixes).\n- clk: sprd: set max_register according to mapping range (git-fixes).\n- clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails (git-fixes).\n- cpufreq: CPPC: Fix build error without CONFIG_ACPI_CPPC_CPUFREQ_FIE (bsc#1210953).\n- cpufreq: CPPC: Fix performance/frequency conversion (git-fixes).\n- cpumask: fix incorrect cpumask scanning result checks (bsc#1210943).\n- crypto: caam - Clear some memory in instantiate_rng (git-fixes).\n- crypto: drbg - Only fail when jent is unavailable in FIPS mode (git-fixes).\n- crypto: sa2ul - Select CRYPTO_DES (git-fixes).\n- crypto: safexcel - Cleanup ring IRQ workqueues on load failure (git-fixes).\n- driver core: Do not require dynamic_debug for initcall_debug probe timing (git-fixes).\n- drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() (git-fixes).\n- drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler() (git-fixes).\n- drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known override-init warnings (git-fixes).\n- drm/amd/display: Fix potential null dereference (git-fixes).\n- drm/amdgpu: Re-enable DCN for 64-bit powerpc (bsc#1194869).\n- drm/armada: Fix a potential double free in an error handling path (git-fixes).\n- drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535 (git-fixes).\n- drm/bridge: lt8912b: Fix DSI Video Mode (git-fixes).\n- drm/bridge: lt9611: Fix PLL being unable to lock (git-fixes).\n- drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var (git-fixes).\n- drm/i915/dsi: fix DSS CTL register offsets for TGL+ (git-fixes).\n- drm/i915: Fix fast wake AUX sync len (git-fixes).\n- drm/i915: Make intel_get_crtc_new_encoder() less oopsy (git-fixes).\n- drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (git-fixes).\n- drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe() (git-fixes).\n- drm/msm/adreno: drop bogus pm_runtime_set_active() (git-fixes).\n- drm/msm/disp/dpu: check for crtc enable rather than crtc active to release shared resources (git-fixes).\n- drm/msm: fix NULL-deref on snapshot tear down (git-fixes).\n- drm/nouveau/disp: Support more modes by checking with lower bpc (git-fixes).\n- drm/panel: otm8009a: Set backlight parent to panel device (git-fixes).\n- drm/probe-helper: Cancel previous job before starting new one (git-fixes).\n- drm/rockchip: Drop unbalanced obj unref (git-fixes).\n- drm/vgem: add missing mutex_destroy (git-fixes).\n- drm: msm: adreno: Disable preemption on Adreno 510 (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F (git-fixes).\n- drm: rcar-du: Fix a NULL vs IS_ERR() bug (git-fixes).\n- dt-bindings: arm: fsl: Fix copy-paste error in comment (git-fixes).\n- dt-bindings: iio: ti,tmp117: fix documentation link (git-fixes).\n- dt-bindings: mailbox: qcom,apcs-kpss-global: fix SDX55 'if' match (git-fixes).\n- dt-bindings: nvmem: qcom,spmi-sdam: fix example 'reg' property (git-fixes).\n- dt-bindings: remoteproc: stm32-rproc: Typo fix (git-fixes).\n- dt-bindings: soc: qcom: smd-rpm: re-add missing qcom,rpm-msm8994 (git-fixes).\n- e1000e: Disable TSO on i219-LM card to increase speed (git-fixes).\n- efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L (git-fixes).\n- ext4: Fix deadlock during directory rename (bsc#1210763).\n- ext4: Fix possible corruption when moving a directory (bsc#1210763).\n- ext4: fix RENAME_WHITEOUT handling for inline directories (bsc#1210766).\n- ext4: fix another off-by-one fsmap error on 1k block filesystems (bsc#1210767).\n- ext4: fix bad checksum after online resize (bsc#1210762 bsc#1208076).\n- ext4: fix cgroup writeback accounting with fs-layer encryption (bsc#1210765).\n- ext4: fix corruption when online resizing a 1K bigalloc fs (bsc#1206891).\n- ext4: fix incorrect options show of original mount_opt and extend mount_opt2 (bsc#1210764).\n- ext4: fix possible double unlock when moving a directory (bsc#1210763).\n- ext4: use ext4_journal_start/stop for fast commit transactions (bsc#1210793).\n- fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace (git-fixes).\n- firmware: qcom_scm: Clear download bit during reboot (git-fixes).\n- firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe (git-fixes).\n- fpga: bridge: fix kernel-doc parameter description (git-fixes).\n- hwmon: (adt7475) Use device_property APIs when configuring polarity (git-fixes).\n- hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write (git-fixes).\n- hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E (git-fixes).\n- i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path (git-fixes).\n- i2c: hisi: Avoid redundant interrupts (git-fixes).\n- i2c: imx-lpi2c: clean rx/tx buffers upon new message (git-fixes).\n- i2c: ocores: generate stop condition after timeout in polling mode (git-fixes).\n- i915/perf: Replace DRM_DEBUG with driver specific drm_dbg call (git-fixes).\n- ice: avoid bonding causing auxiliary plug/unplug under RTNL lock (bsc#1210158).\n- iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() (git-fixes).\n- iio: light: tsl2772: fix reading proximity-diodes from device tree (git-fixes).\n- ipmi: fix SSIF not responding under certain cond (git-fixes).\n- ipmi:ssif: Add send_retries increment (git-fixes).\n- k-m-s: Drop Linux 2.6 support\n- kABI: PCI: loongson: Prevent LS7A MRRS increases (kabi).\n- kABI: x86/msi: Fix msi message data shadow struct (kabi).\n- kabi/severities: ignore KABI for NVMe target (bsc#1174777).\n- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).\n- locking/rwbase: Mitigate indefinite writer starvation.\n- media: av7110: prevent underflow in write_ts_to_decoder() (git-fixes).\n- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (git-fixes).\n- media: max9286: Free control handler (git-fixes).\n- media: rc: gpio-ir-recv: Fix support for wake-up (git-fixes).\n- media: rkvdec: fix use after free bug in rkvdec_remove (git-fixes).\n- media: saa7134: fix use after free bug in saa7134_finidev due to race condition (git-fixes).\n- media: venus: dec: Fix handling of the start cmd (git-fixes).\n- memstick: fix memory leak if card device is never registered (git-fixes).\n- mm/filemap: fix page end in filemap_get_read_batch (bsc#1210768).\n- mm: page_alloc: skip regions with hugetlbfs pages when allocating 1G pages (bsc#1210034).\n- mm: take a page reference when removing device exclusive entries (bsc#1211025).\n- mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data (git-fixes).\n- mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25 (git-fixes).\n- mtd: core: fix error path for nvmem provider (git-fixes).\n- mtd: core: fix nvmem error reporting (git-fixes).\n- mtd: core: provide unique name for nvmem device, take two (git-fixes).\n- mtd: spi-nor: Fix a trivial typo (git-fixes).\n- net: phy: nxp-c45-tja11xx: add remove callback (git-fixes).\n- net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow (git-fixes).\n- nfsd: call op_release, even when op_func returns an error (git-fixes).\n- nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() (git-fixes).\n- nilfs2: initialize unused bytes in segment summary blocks (git-fixes).\n- nvme initialize core quirks before calling nvme_init_subsystem (git-fixes).\n- nvme-auth: uninitialized variable in nvme_auth_transform_key() (git-fixes).\n- nvme-fcloop: fix 'inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage' (git-fixes).\n- nvme-hwmon: consistently ignore errors from nvme_hwmon_init (git-fixes).\n- nvme-hwmon: kmalloc the NVME SMART log buffer (git-fixes).\n- nvme-multipath: fix possible hang in live ns resize with ANA access (git-fixes).\n- nvme-pci: fix doorbell buffer value endianness (git-fixes).\n- nvme-pci: fix mempool alloc size (git-fixes).\n- nvme-pci: fix page size checks (git-fixes).\n- nvme-pci: fix timeout request state check (git-fixes).\n- nvme-rdma: fix possible hang caused during ctrl deletion (git-fixes).\n- nvme-tcp: fix possible circular locking when deleting a controller under memory pressure (git-fixes).\n- nvme-tcp: fix possible hang caused during ctrl deletion (git-fixes).\n- nvme-tcp: fix regression that causes sporadic requests to time out (git-fixes).\n- nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices (git-fixes).\n- nvme: add device name to warning in uuid_show() (git-fixes).\n- nvme: catch -ENODEV from nvme_revalidate_zones again (git-fixes).\n- nvme: copy firmware_rev on each init (git-fixes).\n- nvme: define compat_ioctl again to unbreak 32-bit userspace (git-fixes).\n- nvme: fix async event trace event (git-fixes).\n- nvme: fix handling single range discard request (git-fixes).\n- nvme: fix per-namespace chardev deletion (git-fixes).\n- nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition (git-fixes).\n- nvme: fix the read-only state for zoned namespaces with unsupposed features (git-fixes).\n- nvme: improve the NVME_CONNECT_AUTHREQ* definitions (git-fixes).\n- nvme: move nvme_multi_css into nvme.h (git-fixes).\n- nvme: return err on nvme_init_non_mdts_limits fail (git-fixes).\n- nvme: send Identify with CNS 06h only to I/O controllers (bsc#1209693).\n- nvme: set dma alignment to dword (git-fixes).\n- nvme: use command_id instead of req->tag in trace_nvme_complete_rq() (git-fixes).\n- nvmet-auth: do not try to cancel a non-initialized work_struct (git-fixes).\n- nvmet-tcp: fix incomplete data digest send (git-fixes).\n- nvmet-tcp: fix regression in data_digest calculation (git-fixes).\n- nvmet: add helpers to set the result field for connect commands (git-fixes).\n- nvmet: avoid potential UAF in nvmet_req_complete() (git-fixes).\n- nvmet: do not defer passthrough commands with trivial effects to the workqueue (git-fixes).\n- nvmet: fix I/O Command Set specific Identify Controller (git-fixes).\n- nvmet: fix Identify Active Namespace ID list handling (git-fixes).\n- nvmet: fix Identify Controller handling (git-fixes).\n- nvmet: fix Identify Namespace handling (git-fixes).\n- nvmet: fix a memory leak (git-fixes).\n- nvmet: fix a memory leak in nvmet_auth_set_key (git-fixes).\n- nvmet: fix a use-after-free (git-fixes).\n- nvmet: fix invalid memory reference in nvmet_subsys_attr_qid_max_show (git-fixes).\n- nvmet: force reconnect when number of queue changes (git-fixes).\n- nvmet: looks at the passthrough controller when initializing CAP (git-fixes).\n- nvmet: only allocate a single slab for bvecs (git-fixes).\n- nvmet: use IOCB_NOWAIT only if the filesystem supports it (git-fixes).\n- perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output (git fixes).\n- perf/core: Fix the same task check in perf_event_set_output (git fixes).\n- perf: Fix check before add_event_to_groups() in perf_group_detach() (git fixes).\n- perf: fix perf_event_context->time (git fixes).\n- platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2 (git-fixes).\n- platform/x86: gigabyte-wmi: add support for X570S AORUS ELITE (git-fixes).\n- power: supply: cros_usbpd: reclassify 'default case!' as debug (git-fixes).\n- power: supply: generic-adc-battery: fix unit scaling (git-fixes).\n- powerpc/64: Always build with 128-bit long double (bsc#1194869).\n- powerpc/64e: Fix amdgpu build on Book3E w/o AltiVec (bsc#1194869).\n- powerpc/hv-gpci: Fix hv_gpci event list (git fixes).\n- powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc/perf/hv-24x7: add missing RTAS retry status handling (git fixes).\n- powerpc/pseries: Consolidate different NUMA distance update code paths (bsc#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).\n- powerpc: declare unmodified attribute_group usages const (git-fixes).\n- regulator: core: Avoid lockdep reports when resolving supplies (git-fixes).\n- regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow() (git-fixes).\n- regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since booted (git-fixes).\n- regulator: fan53555: Explicitly include bits header (git-fixes).\n- regulator: fan53555: Fix wrong TCS_SLEW_MASK (git-fixes).\n- regulator: stm32-pwr: fix of_iomap leak (git-fixes).\n- remoteproc: Harden rproc_handle_vdev() against integer overflow (git-fixes).\n- remoteproc: imx_rproc: Call of_node_put() on iteration error (git-fixes).\n- remoteproc: st: Call of_node_put() on iteration error (git-fixes).\n- remoteproc: stm32: Call of_node_put() on iteration error (git-fixes).\n- rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time (git-fixes).\n- rtc: omap: include header for omap_rtc_power_off_program prototype (git-fixes).\n- sched/fair: Fix imbalance overflow (bsc#1155798).\n- sched/fair: Limit sched slice duration (bsc#1189999).\n- sched/fair: Move calculate of avg_load to a better location (bsc#1155798).\n- sched/fair: Sanitize vruntime of entity being migrated (bsc#1203325).\n- sched/fair: sanitize vruntime of entity being placed (bsc#1203325).\n- sched/numa: Stop an exhastive search if an idle core is found (bsc#1189999).\n- sched_getaffinity: do not assume 'cpumask_size()' is fully initialized (bsc#1155798).\n- scsi: aic94xx: Add missing check for dma_map_single() (git-fixes).\n- scsi: core: Add BLIST_NO_VPD_SIZE for some VDASD (git-fixes bsc#1203039).\n- scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR (git-fixes).\n- scsi: core: Fix a procfs host directory removal regression (git-fixes).\n- scsi: core: Fix a source code comment (git-fixes).\n- scsi: core: Remove the /proc/scsi/${proc_name} directory earlier (git-fixes).\n- scsi: hisi_sas: Check devm_add_action() return value (git-fixes).\n- scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id (git-fixes).\n- scsi: ipr: Work around fortify-string warning (git-fixes).\n- scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() (git-fixes).\n- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (git-fixes).\n- scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (git-fixes).\n- scsi: kABI workaround for fc_host_fpin_rcv (git-fixes).\n- scsi: libsas: Remove useless dev_list delete in sas_ex_discover_end_dev() (git-fixes).\n- scsi: lpfc: Avoid usage of list iterator variable after loop (git-fixes).\n- scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() (git-fixes).\n- scsi: lpfc: Copyright updates for 14.2.0.11 patches (bsc#1210943).\n- scsi: lpfc: Correct used_rpi count when devloss tmo fires with no recovery (bsc#1210943).\n- scsi: lpfc: Defer issuing new PLOGI if received RSCN before completing REG_LOGIN (bsc#1210943).\n- scsi: lpfc: Drop redundant pci_enable_pcie_error_reporting() (bsc#1210943).\n- scsi: lpfc: Fix double word in comments (bsc#1210943).\n- scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() (bsc#1210943).\n- scsi: lpfc: Fix lockdep warning for rx_monitor lock when unloading driver (bsc#1210943).\n- scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow (bsc#1210943).\n- scsi: lpfc: Record LOGO state with discovery engine even if aborted (bsc#1210943).\n- scsi: lpfc: Reorder freeing of various DMA buffers and their list removal (bsc#1210943).\n- scsi: lpfc: Revise lpfc_error_lost_link() reason code evaluation logic (bsc#1210943).\n- scsi: lpfc: Silence an incorrect device output (bsc#1210943).\n- scsi: lpfc: Skip waiting for register ready bits when in unrecoverable state (bsc#1210943).\n- scsi: lpfc: Update lpfc version to 14.2.0.11 (bsc#1210943).\n- scsi: megaraid_sas: Fix crash after a double completion (git-fixes).\n- scsi: megaraid_sas: Update max supported LD IDs to 240 (git-fixes).\n- scsi: mpt3sas: Do not print sense pool info twice (git-fixes).\n- scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() (git-fixes).\n- scsi: mpt3sas: Fix a memory leak (git-fixes).\n- scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).\n- scsi: qla2xxx: Perform lockless command completion in abort path (git-fixes).\n- scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (git-fixes).\n- scsi: scsi_transport_fc: Add an additional flag to fc_host_fpin_rcv() (bsc#1210943).\n- scsi: sd: Fix wrong zone_write_granularity value during revalidate (git-fixes).\n- scsi: ses: Do not attach if enclosure has no components (git-fixes).\n- scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses (git-fixes).\n- scsi: ses: Fix possible desc_ptr out-of-bounds accesses (git-fixes).\n- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() (git-fixes).\n- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() (git-fixes).\n- scsi: snic: Fix memory leak with using debugfs_lookup() (git-fixes).\n- seccomp: Move copy_seccomp() to no failure path (bsc#1210817).\n- selftests/kselftest/runner/run_one(): allow running non-executable files (git-fixes).\n- selftests: sigaltstack: fix -Wuninitialized (git-fixes).\n- selinux: ensure av_permissions.h is built when needed (git-fixes).\n- selinux: fix Makefile dependencies of flask.h (git-fixes).\n- serial: 8250: Add missing wakeup event reporting (git-fixes).\n- serial: 8250_bcm7271: Fix arbitration handling (git-fixes).\n- serial: 8250_exar: derive nr_ports from PCI ID for Acces I/O cards (git-fixes).\n- serial: exar: Add support for Sealevel 7xxxC serial cards (git-fixes).\n- signal handling: do not use BUG_ON() for debugging (bsc#1210439).\n- signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed (bsc#1210816).\n- signal: Do not always set SA_IMMUTABLE for forced signals (bsc#1210816).\n- signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE (bsc#1210816).\n- soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe (git-fixes).\n- spi: cadence-quadspi: fix suspend-resume implementations (git-fixes).\n- spi: fsl-spi: Fix CPM/QE mode Litte Endian (git-fixes).\n- spi: qup: Do not skip cleanup in remove's error path (git-fixes).\n- staging: iio: resolver: ads1210: fix config mode (git-fixes).\n- staging: rtl8192e: Fix W_DISABLE# does not work after stop/start (git-fixes).\n- stat: fix inconsistency between struct stat and struct compat_stat (git-fixes).\n- sunrpc: only free unix grouplist after RCU settles (git-fixes).\n- tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH (git-fixes).\n- tty: serial: fsl_lpuart: adjust buffer length to the intended size (git-fixes).\n- udf: Check consistency of Space Bitmap Descriptor (bsc#1210771).\n- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).\n- udf: Support splicing to file (bsc#1210770).\n- usb: chipidea: fix missing goto in `ci_hdrc_probe` (git-fixes).\n- usb: chipidea: imx: avoid unnecessary probe defer (git-fixes).\n- usb: dwc3: gadget: Change condition for processing suspend event (git-fixes).\n- usb: dwc3: pci: add support for the Intel Meteor Lake-S (git-fixes).\n- usb: gadget: tegra-xudc: Fix crash in vbus_draw (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition (git-fixes).\n- usb: host: xhci-rcar: remove leftover quirk handling (git-fixes).\n- virt/coco/sev-guest: Add throttling awareness (bsc#1209927).\n- virt/coco/sev-guest: Carve out the request issuing logic into a helper (bsc#1209927).\n- virt/coco/sev-guest: Check SEV_SNP attribute at probe time (bsc#1209927).\n- virt/coco/sev-guest: Convert the sw_exit_info_2 checking to a switch-case (bsc#1209927).\n- virt/coco/sev-guest: Do some code style cleanups (bsc#1209927).\n- virt/coco/sev-guest: Remove the disable_vmpck label in handle_guest_request() (bsc#1209927).\n- virt/coco/sev-guest: Simplify extended guest request handling (bsc#1209927).\n- virt/sev-guest: Return -EIO if certificate buffer is not large enough (bsc#1209927).\n- virtio_ring: do not update event idx on get_buf (git-fixes).\n- vmci_host: fix a race condition in vmci_host_poll() causing GPF (git-fixes).\n- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).\n- wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (git-fixes).\n- wifi: ath6kl: minor fix for allocation size (git-fixes).\n- wifi: ath6kl: reduce WARN to dev_dbg() in callback (git-fixes).\n- wifi: ath9k: hif_usb: fix memory leak of remain_skbs (git-fixes).\n- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (git-fixes).\n- wifi: brcmfmac: support CQM RSSI notification with older firmware (git-fixes).\n- wifi: iwlwifi: debug: fix crash in __iwl_err() (git-fixes).\n- wifi: iwlwifi: fix duplicate entry in iwl_dev_info_table (git-fixes).\n- wifi: iwlwifi: fw: fix memory leak in debugfs (git-fixes).\n- wifi: iwlwifi: fw: move memset before early return (git-fixes).\n- wifi: iwlwifi: make the loop for card preparation effective (git-fixes).\n- wifi: iwlwifi: mvm: check firmware response size (git-fixes).\n- wifi: iwlwifi: mvm: do not set CHECKSUM_COMPLETE for unsupported protocols (git-fixes).\n- wifi: iwlwifi: mvm: fix mvmtxq->stopped handling (git-fixes).\n- wifi: iwlwifi: mvm: initialize seq variable (git-fixes).\n- wifi: iwlwifi: trans: do not trigger d3 interrupt twice (git-fixes).\n- wifi: iwlwifi: yoyo: Fix possible division by zero (git-fixes).\n- wifi: iwlwifi: yoyo: skip dump correctly on hw error (git-fixes).\n- wifi: mac80211: adjust scan cancel comment/check (git-fixes).\n- wifi: mt76: add missing locking to protect against concurrent rx/status calls (git-fixes).\n- wifi: mt76: fix 6GHz high channel not be scanned (git-fixes).\n- wifi: mt76: handle failure of vzalloc in mt7615_coredump_work (git-fixes).\n- wifi: mwifiex: mark OF related data as maybe unused (git-fixes).\n- wifi: rt2x00: Fix memory leak when handling surveys (git-fixes).\n- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg() (git-fixes).\n- wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg() (git-fixes).\n- wifi: rtw88: mac: Return the original error from rtw_mac_power_switch() (git-fixes).\n- wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser() (git-fixes).\n- wifi: rtw89: fix potential race condition between napi_init and napi_enable (git-fixes).\n- writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs (bsc#1210769).\n- x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails (git-fixes).\n- x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot (git-fixes).\n- x86/bug: Prevent shadowing in __WARN_FLAGS (git-fixes).\n- x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).\n- x86/entry: Avoid very early RET (git-fixes).\n- x86/entry: Do not call error_entry() for XENPV (git-fixes).\n- x86/entry: Move CLD to the start of the idtentry macro (git-fixes).\n- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (git-fixes).\n- x86/entry: Switch the stack after error_entry() returns (git-fixes).\n- x86/fpu: Prevent FPU state corruption (git-fixes).\n- x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume (git-fixes).\n- x86/msi: Fix msi message data shadow struct (git-fixes).\n- x86/pci/xen: Disable PCI/MSI masking for XEN_HVM guests (git-fixes).\n- x86/traps: Use pt_regs directly in fixup_bad_iret() (git-fixes).\n- x86/tsx: Disable TSX development mode at boot (git-fixes).\n- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).\n- xhci: fix debugfs register accesses while suspended (git-fixes).\n\nkernel-default-base changed:\n\n- Do not ship on s390x (bsc#1210729)\n- Add exfat (bsc#1208822)\n- Add _diag modules for included socket types (bsc#1204042)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2140,SUSE-SLE-Micro-5.3-2023-2140,SUSE-SLE-Micro-5.4-2023-2140,SUSE-SLE-Module-Basesystem-15-SP4-2023-2140,SUSE-SLE-Module-Development-Tools-15-SP4-2023-2140,SUSE-SLE-Module-Legacy-15-SP4-2023-2140,SUSE-SLE-Module-Live-Patching-15-SP4-2023-2140,SUSE-SLE-Product-HA-15-SP4-2023-2140,SUSE-SLE-Product-WE-15-SP4-2023-2140,openSUSE-Leap-Micro-5.3-2023-2140,openSUSE-SLE-15.4-2023-2140", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2140-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2140-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232140-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2140-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029296.html", }, { category: "self", summary: "SUSE Bug 1142685", url: "https://bugzilla.suse.com/1142685", }, { category: "self", summary: "SUSE Bug 1155798", url: "https://bugzilla.suse.com/1155798", }, { category: "self", summary: "SUSE Bug 1174777", url: "https://bugzilla.suse.com/1174777", }, { category: "self", summary: "SUSE Bug 1189999", url: "https://bugzilla.suse.com/1189999", }, { category: "self", summary: "SUSE Bug 1194869", url: "https://bugzilla.suse.com/1194869", }, { category: "self", summary: "SUSE Bug 1203039", url: "https://bugzilla.suse.com/1203039", }, { category: "self", summary: "SUSE Bug 1203325", url: "https://bugzilla.suse.com/1203325", }, { category: "self", summary: "SUSE Bug 1204042", url: "https://bugzilla.suse.com/1204042", }, { category: "self", summary: "SUSE Bug 1206649", url: "https://bugzilla.suse.com/1206649", }, { category: "self", summary: "SUSE Bug 1206891", url: "https://bugzilla.suse.com/1206891", }, { category: "self", summary: "SUSE Bug 1206992", url: "https://bugzilla.suse.com/1206992", }, { category: "self", summary: "SUSE Bug 1207088", url: "https://bugzilla.suse.com/1207088", }, { category: "self", summary: "SUSE Bug 1208076", url: "https://bugzilla.suse.com/1208076", }, { category: "self", summary: "SUSE Bug 1208822", url: "https://bugzilla.suse.com/1208822", }, { category: "self", summary: "SUSE Bug 1208845", url: "https://bugzilla.suse.com/1208845", }, { category: "self", summary: "SUSE Bug 1209615", url: "https://bugzilla.suse.com/1209615", }, { category: "self", summary: "SUSE Bug 1209693", url: "https://bugzilla.suse.com/1209693", }, { category: "self", summary: "SUSE Bug 1209739", url: "https://bugzilla.suse.com/1209739", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1209927", url: "https://bugzilla.suse.com/1209927", }, { category: "self", summary: "SUSE Bug 1209999", url: "https://bugzilla.suse.com/1209999", }, { category: "self", summary: "SUSE Bug 1210034", url: "https://bugzilla.suse.com/1210034", }, { category: "self", summary: "SUSE Bug 1210158", url: "https://bugzilla.suse.com/1210158", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210206", url: "https://bugzilla.suse.com/1210206", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210439", url: "https://bugzilla.suse.com/1210439", }, { category: "self", summary: "SUSE Bug 1210453", url: "https://bugzilla.suse.com/1210453", }, { category: "self", summary: "SUSE Bug 1210454", url: "https://bugzilla.suse.com/1210454", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210499", url: "https://bugzilla.suse.com/1210499", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210629", url: "https://bugzilla.suse.com/1210629", }, { category: "self", summary: "SUSE Bug 1210630", url: "https://bugzilla.suse.com/1210630", }, { category: "self", summary: "SUSE Bug 1210725", url: "https://bugzilla.suse.com/1210725", }, { category: "self", summary: "SUSE Bug 1210729", url: "https://bugzilla.suse.com/1210729", }, { category: "self", summary: "SUSE Bug 1210762", url: "https://bugzilla.suse.com/1210762", }, { category: "self", summary: "SUSE Bug 1210763", url: "https://bugzilla.suse.com/1210763", }, { category: "self", summary: "SUSE Bug 1210764", url: "https://bugzilla.suse.com/1210764", }, { category: "self", summary: "SUSE Bug 1210765", url: "https://bugzilla.suse.com/1210765", }, { category: "self", summary: "SUSE Bug 1210766", url: "https://bugzilla.suse.com/1210766", }, { category: "self", summary: "SUSE Bug 1210767", url: "https://bugzilla.suse.com/1210767", }, { category: "self", summary: "SUSE Bug 1210768", url: "https://bugzilla.suse.com/1210768", }, { category: "self", summary: "SUSE Bug 1210769", url: "https://bugzilla.suse.com/1210769", }, { category: "self", summary: "SUSE Bug 1210770", url: "https://bugzilla.suse.com/1210770", }, { category: "self", summary: "SUSE Bug 1210771", url: "https://bugzilla.suse.com/1210771", }, { category: "self", summary: "SUSE Bug 1210793", url: "https://bugzilla.suse.com/1210793", }, { category: "self", summary: "SUSE Bug 1210816", url: "https://bugzilla.suse.com/1210816", }, { category: "self", summary: "SUSE Bug 1210817", url: "https://bugzilla.suse.com/1210817", }, { category: "self", summary: "SUSE Bug 1210827", url: "https://bugzilla.suse.com/1210827", }, { category: "self", summary: "SUSE Bug 1210943", url: "https://bugzilla.suse.com/1210943", }, { category: "self", summary: "SUSE Bug 1210953", url: "https://bugzilla.suse.com/1210953", }, { category: "self", summary: "SUSE Bug 1210986", url: "https://bugzilla.suse.com/1210986", }, { category: "self", summary: "SUSE Bug 1211025", url: "https://bugzilla.suse.com/1211025", }, { category: "self", summary: "SUSE CVE CVE-2022-2196 page", url: "https://www.suse.com/security/cve/CVE-2022-2196/", }, { category: "self", summary: "SUSE CVE CVE-2023-0386 page", url: "https://www.suse.com/security/cve/CVE-2023-0386/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2008 page", url: "https://www.suse.com/security/cve/CVE-2023-2008/", }, { category: "self", summary: "SUSE CVE CVE-2023-2019 page", url: "https://www.suse.com/security/cve/CVE-2023-2019/", }, { category: "self", summary: "SUSE CVE CVE-2023-2176 page", url: "https://www.suse.com/security/cve/CVE-2023-2176/", }, { category: "self", summary: "SUSE CVE CVE-2023-2235 page", url: "https://www.suse.com/security/cve/CVE-2023-2235/", }, { category: "self", summary: "SUSE CVE CVE-2023-23006 page", url: "https://www.suse.com/security/cve/CVE-2023-23006/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-09T12:28:52Z", generator: { date: "2023-05-09T12:28:52Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2140-1", initial_release_date: "2023-05-09T12:28:52Z", revision_history: [ { date: "2023-05-09T12:28:52Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product: { name: "cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product_id: "cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", product: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", product_id: "cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product: { name: "dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product_id: "dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", product: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", product_id: "dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-allwinner-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-allwinner-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-allwinner-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-altera-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-altera-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-altera-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-amazon-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-amazon-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-amazon-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-amd-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-amd-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-amd-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-amlogic-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-amlogic-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-amlogic-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-apm-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-apm-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-apm-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-apple-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-apple-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-apple-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-arm-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-arm-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-arm-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-broadcom-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-broadcom-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-broadcom-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-cavium-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-cavium-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-cavium-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-exynos-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-exynos-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-exynos-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-freescale-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-freescale-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-freescale-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-lg-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-lg-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-lg-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-marvell-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-marvell-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-marvell-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-mediatek-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-mediatek-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-mediatek-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-nvidia-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-nvidia-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-nvidia-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-qcom-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-qcom-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-qcom-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-renesas-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-renesas-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-renesas-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-rockchip-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-rockchip-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-rockchip-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-socionext-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-socionext-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-socionext-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-sprd-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-sprd-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-sprd-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "dtb-xilinx-5.14.21-150400.24.63.1.aarch64", product: { name: "dtb-xilinx-5.14.21-150400.24.63.1.aarch64", product_id: "dtb-xilinx-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product: { name: "gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product_id: "gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", product: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", product_id: "gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-64kb-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-64kb-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-default-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-default-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", product: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", product_id: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", product: { name: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", product_id: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-default-devel-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-default-devel-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-default-extra-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-default-extra-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-optional-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-default-optional-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-default-optional-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-obs-build-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-obs-build-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-5.14.21-150400.24.63.1.aarch64", product: { name: "kernel-syms-5.14.21-150400.24.63.1.aarch64", product_id: "kernel-syms-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product: { name: "kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product_id: "kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", product: { name: "kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", product_id: "kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product: { name: "ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product_id: "ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", product: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", product_id: "ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product: { name: "reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", product_id: "reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", product: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", product_id: "reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-5.14.21-150400.24.63.1.noarch", product: { name: "kernel-devel-5.14.21-150400.24.63.1.noarch", product_id: "kernel-devel-5.14.21-150400.24.63.1.noarch", }, }, { category: "product_version", name: "kernel-docs-5.14.21-150400.24.63.1.noarch", product: { name: "kernel-docs-5.14.21-150400.24.63.1.noarch", product_id: "kernel-docs-5.14.21-150400.24.63.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-5.14.21-150400.24.63.1.noarch", product: { name: "kernel-docs-html-5.14.21-150400.24.63.1.noarch", product_id: "kernel-docs-html-5.14.21-150400.24.63.1.noarch", }, }, { category: "product_version", name: "kernel-macros-5.14.21-150400.24.63.1.noarch", product: { name: "kernel-macros-5.14.21-150400.24.63.1.noarch", product_id: "kernel-macros-5.14.21-150400.24.63.1.noarch", }, }, { category: "product_version", name: "kernel-source-5.14.21-150400.24.63.1.noarch", product: { name: "kernel-source-5.14.21-150400.24.63.1.noarch", product_id: "kernel-source-5.14.21-150400.24.63.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", product: { name: "kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", product_id: "kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", product: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", product_id: "cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", product: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", product_id: "dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", product: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", product_id: "gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-debug-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-debug-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-default-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-default-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", product: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", product_id: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", product: { name: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", product_id: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", product: { name: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", product_id: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-5.14.21-150400.24.63.1.ppc64le", product: { name: "kernel-syms-5.14.21-150400.24.63.1.ppc64le", product_id: "kernel-syms-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", product: { name: "kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", product_id: "kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", product: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", product_id: "ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", product: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", product_id: "reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", product: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", product_id: "cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-5.14.21-150400.24.63.1.s390x", product: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.s390x", product_id: "dlm-kmp-default-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", product: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", product_id: "gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-default-5.14.21-150400.24.63.1.s390x", product_id: "kernel-default-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-default-devel-5.14.21-150400.24.63.1.s390x", product_id: "kernel-default-devel-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-default-extra-5.14.21-150400.24.63.1.s390x", product_id: "kernel-default-extra-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", product_id: "kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", product_id: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-optional-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-default-optional-5.14.21-150400.24.63.1.s390x", product_id: "kernel-default-optional-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", product: { name: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", product_id: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-obs-build-5.14.21-150400.24.63.1.s390x", product_id: "kernel-obs-build-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-obs-qa-5.14.21-150400.24.63.1.s390x", product_id: "kernel-obs-qa-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-syms-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-syms-5.14.21-150400.24.63.1.s390x", product_id: "kernel-syms-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", product: { name: "kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", product_id: "kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", product: { name: "kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", product_id: "kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", product: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", product_id: "ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", product: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", product_id: "reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", product: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", product_id: "cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", product: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", product_id: "dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", product: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", product_id: "gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-debug-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-debug-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-default-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-default-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", product: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", product_id: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", product: { name: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", product_id: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-default-devel-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-default-devel-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-default-extra-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-default-extra-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-optional-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-default-optional-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-default-optional-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", product: { name: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", product_id: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-obs-build-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-obs-build-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-5.14.21-150400.24.63.1.x86_64", product: { name: "kernel-syms-5.14.21-150400.24.63.1.x86_64", product_id: "kernel-syms-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", product: { name: "kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", product_id: "kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", product: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", product_id: "ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", product: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", product_id: "reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Micro 5.3", product: { name: "SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.4", product: { name: "SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP4", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15 SP4", product: { name: "SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Legacy 15 SP4", product: { name: "SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-legacy:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15 SP4", product: { name: "SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15 SP4", product: { name: "SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 15 SP4", product: { name: "SUSE Linux Enterprise Workstation Extension 15 SP4", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:15:sp4", }, }, }, { category: "product_name", name: "openSUSE Leap Micro 5.3", product: { name: "openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap-micro:5.3", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-64kb-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-devel-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-devel-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-devel-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.14.21-150400.24.63.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-devel-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.14.21-150400.24.63.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-macros-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.14.21-150400.24.63.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-docs-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-obs-build-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-obs-build-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-obs-build-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.14.21-150400.24.63.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-source-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-syms-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-syms-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-syms-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-syms-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", }, product_reference: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", }, product_reference: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4", product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", }, product_reference: "kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.63.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-extra-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 15 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, product_reference: "cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-allwinner-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-allwinner-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-altera-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-altera-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-amazon-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-amazon-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-amd-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-amd-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-amlogic-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-amlogic-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-apm-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-apm-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-apple-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-apple-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-arm-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-arm-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-broadcom-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-broadcom-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-cavium-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-cavium-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-exynos-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-exynos-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-freescale-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-freescale-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-hisilicon-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-lg-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-lg-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-marvell-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-marvell-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-mediatek-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-mediatek-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-nvidia-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-nvidia-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-qcom-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-qcom-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-renesas-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-renesas-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-rockchip-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-rockchip-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-socionext-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-socionext-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-sprd-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-sprd-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-xilinx-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", }, product_reference: "dtb-xilinx-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, product_reference: "gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-64kb-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-debug-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-debug-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", }, product_reference: "kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", }, product_reference: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", }, product_reference: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", }, product_reference: "kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-devel-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-devel-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-devel-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-extra-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-extra-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-extra-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-default-optional-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-default-optional-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-default-optional-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.14.21-150400.24.63.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-devel-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.14.21-150400.24.63.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-docs-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-html-5.14.21-150400.24.63.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-docs-html-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.14.21-150400.24.63.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-macros-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-obs-build-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-obs-build-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-obs-build-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-obs-qa-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.14.21-150400.24.63.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-source-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-5.14.21-150400.24.63.1.noarch as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", }, product_reference: "kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kernel-syms-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kernel-syms-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-syms-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kernel-syms-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", }, product_reference: "kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, product_reference: "ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", }, product_reference: "reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", }, product_reference: "reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-2196", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2196", }, ], notes: [ { category: "general", text: "A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2196", url: "https://www.suse.com/security/cve/CVE-2022-2196", }, { category: "external", summary: "SUSE Bug 1206992 for CVE-2022-2196", url: "https://bugzilla.suse.com/1206992", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "moderate", }, ], title: "CVE-2022-2196", }, { cve: "CVE-2023-0386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0386", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel's OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0386", url: "https://www.suse.com/security/cve/CVE-2023-0386", }, { category: "external", summary: "SUSE Bug 1209615 for CVE-2023-0386", url: "https://bugzilla.suse.com/1209615", }, { category: "external", summary: "SUSE Bug 1210499 for CVE-2023-0386", url: "https://bugzilla.suse.com/1210499", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "important", }, ], title: "CVE-2023-0386", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2008", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2008", url: "https://www.suse.com/security/cve/CVE-2023-2008", }, { category: "external", summary: "SUSE Bug 1210453 for CVE-2023-2008", url: "https://bugzilla.suse.com/1210453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "moderate", }, ], title: "CVE-2023-2008", }, { cve: "CVE-2023-2019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2019", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2019", url: "https://www.suse.com/security/cve/CVE-2023-2019", }, { category: "external", summary: "SUSE Bug 1210454 for CVE-2023-2019", url: "https://bugzilla.suse.com/1210454", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "moderate", }, ], title: "CVE-2023-2019", }, { cve: "CVE-2023-2176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2176", }, ], notes: [ { category: "general", text: "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2176", url: "https://www.suse.com/security/cve/CVE-2023-2176", }, { category: "external", summary: "SUSE Bug 1210629 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210629", }, { category: "external", summary: "SUSE Bug 1210630 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210630", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2176", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "important", }, ], title: "CVE-2023-2176", }, { cve: "CVE-2023-2235", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2235", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation.\n\nThe perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability.\n\nWe recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2235", url: "https://www.suse.com/security/cve/CVE-2023-2235", }, { category: "external", summary: "SUSE Bug 1210986 for CVE-2023-2235", url: "https://bugzilla.suse.com/1210986", }, { category: "external", summary: "SUSE Bug 1210987 for CVE-2023-2235", url: "https://bugzilla.suse.com/1210987", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "important", }, ], title: "CVE-2023-2235", }, { cve: "CVE-2023-23006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-23006", }, ], notes: [ { category: "general", text: "In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-23006", url: "https://www.suse.com/security/cve/CVE-2023-23006", }, { category: "external", summary: "SUSE Bug 1208845 for CVE-2023-23006", url: "https://bugzilla.suse.com/1208845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "moderate", }, ], title: "CVE-2023-23006", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_63-default-1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Micro 5.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Micro 5.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-devel-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-macros-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-docs-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-source-5.14.21-150400.24.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:cluster-md-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:cluster-md-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dlm-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:dlm-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:dtb-allwinner-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-altera-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amazon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-amlogic-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-apple-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-arm-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-broadcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-cavium-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-exynos-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-freescale-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-hisilicon-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-lg-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-marvell-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-mediatek-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-nvidia-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-qcom-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-renesas-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-rockchip-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-socionext-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-sprd-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:dtb-xilinx-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:gfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-64kb-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-debug-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.ppc64le", "openSUSE Leap 15.4:kernel-default-base-rebuild-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-extra-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-default-optional-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-devel-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-docs-html-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-macros-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-build-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-obs-qa-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-source-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-source-vanilla-5.14.21-150400.24.63.1.noarch", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kernel-syms-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:kernel-zfcpdump-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:kselftests-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:ocfs2-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:ocfs2-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap 15.4:reiserfs-kmp-64kb-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.ppc64le", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.s390x", "openSUSE Leap 15.4:reiserfs-kmp-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-5.14.21-150400.24.63.1.x86_64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.aarch64", "openSUSE Leap Micro 5.3:kernel-default-base-5.14.21-150400.24.63.1.150400.24.27.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T12:28:52Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2146-1
Vulnerability from csaf_suse
Published
2023-05-09 15:03
Modified
2023-05-09 15:03
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).
- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2020-36691: Fixed a denial of service (unbounded recursion) vulnerability via a nested Netlink policy with a back reference (bsc#1209613 bsc#1209777).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).
The following non-security bugs were fixed:
- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
- Replace mkinitrd dependency with dracut (bsc#1202353).
- cifs: fix negotiate context parsing (bsc#1210301).
Patchnames
SUSE-2023-2146,SUSE-SLE-Module-Live-Patching-15-SP2-2023-2146,SUSE-SLE-Product-HA-15-SP2-2023-2146,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-2146,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-2146,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-2146,SUSE-Storage-7-2023-2146
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).\n- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2020-36691: Fixed a denial of service (unbounded recursion) vulnerability via a nested Netlink policy with a back reference (bsc#1209613 bsc#1209777).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).\n\nThe following non-security bugs were fixed:\n\n- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).\n- Replace mkinitrd dependency with dracut (bsc#1202353).\n- cifs: fix negotiate context parsing (bsc#1210301).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2146,SUSE-SLE-Module-Live-Patching-15-SP2-2023-2146,SUSE-SLE-Product-HA-15-SP2-2023-2146,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-2146,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-2146,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-2146,SUSE-Storage-7-2023-2146", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2146-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2146-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232146-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2146-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029295.html", }, { category: "self", summary: "SUSE Bug 1202353", url: "https://bugzilla.suse.com/1202353", }, { category: "self", summary: "SUSE Bug 1205128", url: "https://bugzilla.suse.com/1205128", }, { category: "self", summary: "SUSE Bug 1206992", url: "https://bugzilla.suse.com/1206992", }, { category: "self", summary: "SUSE Bug 1209613", url: "https://bugzilla.suse.com/1209613", }, { category: "self", summary: "SUSE Bug 1209687", url: "https://bugzilla.suse.com/1209687", }, { category: "self", summary: "SUSE Bug 1209777", url: "https://bugzilla.suse.com/1209777", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210203", url: "https://bugzilla.suse.com/1210203", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210414", url: "https://bugzilla.suse.com/1210414", }, { category: "self", summary: "SUSE Bug 1210417", url: "https://bugzilla.suse.com/1210417", }, { category: "self", summary: "SUSE Bug 1210453", url: "https://bugzilla.suse.com/1210453", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210629", url: "https://bugzilla.suse.com/1210629", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE CVE CVE-2020-36691 page", url: "https://www.suse.com/security/cve/CVE-2020-36691/", }, { category: "self", summary: "SUSE CVE CVE-2022-2196 page", url: "https://www.suse.com/security/cve/CVE-2022-2196/", }, { category: "self", summary: "SUSE CVE CVE-2022-43945 page", url: "https://www.suse.com/security/cve/CVE-2022-43945/", }, { category: "self", summary: "SUSE CVE CVE-2023-1611 page", url: "https://www.suse.com/security/cve/CVE-2023-1611/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1838 page", url: "https://www.suse.com/security/cve/CVE-2023-1838/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1872 page", url: "https://www.suse.com/security/cve/CVE-2023-1872/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2008 page", url: "https://www.suse.com/security/cve/CVE-2023-2008/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-2176 page", url: "https://www.suse.com/security/cve/CVE-2023-2176/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-09T15:03:56Z", generator: { date: "2023-05-09T15:03:56Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2146-1", initial_release_date: "2023-05-09T15:03:56Z", revision_history: [ { date: "2023-05-09T15:03:56Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", product: { name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", product_id: "cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product: { name: "cluster-md-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product_id: "cluster-md-kmp-preempt-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", product: { name: "dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", product_id: "dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product: { name: "dlm-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product_id: "dlm-kmp-preempt-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", product: { name: "gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", product_id: "gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product: { name: "gfs2-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product_id: "gfs2-kmp-preempt-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-default-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-default-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-default-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", product: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", product_id: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", product: { name: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", product_id: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-default-devel-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-default-devel-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-default-extra-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-default-extra-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-default-livepatch-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-default-livepatch-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-obs-build-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-obs-build-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-obs-qa-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-obs-qa-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-preempt-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-preempt-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-extra-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-preempt-extra-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-preempt-extra-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-livepatch-devel-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-preempt-livepatch-devel-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-preempt-livepatch-devel-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150200.24.151.1.aarch64", product: { name: "kernel-syms-5.3.18-150200.24.151.1.aarch64", product_id: "kernel-syms-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150200.24.151.1.aarch64", product: { name: "kselftests-kmp-default-5.3.18-150200.24.151.1.aarch64", product_id: "kselftests-kmp-default-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product: { name: "kselftests-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product_id: "kselftests-kmp-preempt-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", product: { name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", product_id: "ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product: { name: "ocfs2-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product_id: "ocfs2-kmp-preempt-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", product: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", product_id: "reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product: { name: "reiserfs-kmp-preempt-5.3.18-150200.24.151.1.aarch64", product_id: "reiserfs-kmp-preempt-5.3.18-150200.24.151.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-5.3.18-150200.24.151.1.noarch", product: { name: "kernel-devel-5.3.18-150200.24.151.1.noarch", product_id: "kernel-devel-5.3.18-150200.24.151.1.noarch", }, }, { category: "product_version", name: "kernel-docs-5.3.18-150200.24.151.1.noarch", product: { name: "kernel-docs-5.3.18-150200.24.151.1.noarch", product_id: "kernel-docs-5.3.18-150200.24.151.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-5.3.18-150200.24.151.1.noarch", product: { name: "kernel-docs-html-5.3.18-150200.24.151.1.noarch", product_id: "kernel-docs-html-5.3.18-150200.24.151.1.noarch", }, }, { category: "product_version", name: "kernel-macros-5.3.18-150200.24.151.1.noarch", product: { name: "kernel-macros-5.3.18-150200.24.151.1.noarch", product_id: "kernel-macros-5.3.18-150200.24.151.1.noarch", }, }, { category: "product_version", name: "kernel-source-5.3.18-150200.24.151.1.noarch", product: { name: "kernel-source-5.3.18-150200.24.151.1.noarch", product_id: "kernel-source-5.3.18-150200.24.151.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-5.3.18-150200.24.151.1.noarch", product: { name: "kernel-source-vanilla-5.3.18-150200.24.151.1.noarch", product_id: "kernel-source-vanilla-5.3.18-150200.24.151.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", product: { name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", product_id: "cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", product: { name: "dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", product_id: "dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", product: { name: "gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", product_id: "gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-debug-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-debug-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-debug-devel-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-debug-devel-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-debug-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-debug-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-default-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-default-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", product: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", product_id: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", product: { name: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", product_id: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-default-extra-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-default-extra-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-kvmsmall-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-kvmsmall-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-kvmsmall-devel-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-kvmsmall-devel-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-kvmsmall-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-kvmsmall-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", product: { name: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", product_id: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-obs-qa-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-obs-qa-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150200.24.151.1.ppc64le", product: { name: "kernel-syms-5.3.18-150200.24.151.1.ppc64le", product_id: "kernel-syms-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150200.24.151.1.ppc64le", product: { name: "kselftests-kmp-default-5.3.18-150200.24.151.1.ppc64le", product_id: "kselftests-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", product: { name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", product_id: "ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", product: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", product_id: "reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", product: { name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", product_id: "cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150200.24.151.1.s390x", product: { name: "dlm-kmp-default-5.3.18-150200.24.151.1.s390x", product_id: "dlm-kmp-default-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", product: { name: "gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", product_id: "gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kernel-default-5.3.18-150200.24.151.1.s390x", product: { name: "kernel-default-5.3.18-150200.24.151.1.s390x", product_id: "kernel-default-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", product: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", product_id: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.s390x", product: { name: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.s390x", product_id: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150200.24.151.1.s390x", product: { name: "kernel-default-devel-5.3.18-150200.24.151.1.s390x", product_id: "kernel-default-devel-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150200.24.151.1.s390x", product: { name: "kernel-default-extra-5.3.18-150200.24.151.1.s390x", product_id: "kernel-default-extra-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", product: { name: "kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", product_id: "kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", product: { name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", product_id: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", product: { name: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", product_id: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150200.24.151.1.s390x", product: { name: "kernel-obs-build-5.3.18-150200.24.151.1.s390x", product_id: "kernel-obs-build-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150200.24.151.1.s390x", product: { name: "kernel-obs-qa-5.3.18-150200.24.151.1.s390x", product_id: "kernel-obs-qa-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150200.24.151.1.s390x", product: { name: "kernel-syms-5.3.18-150200.24.151.1.s390x", product_id: "kernel-syms-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-5.3.18-150200.24.151.1.s390x", product: { name: "kernel-zfcpdump-5.3.18-150200.24.151.1.s390x", product_id: "kernel-zfcpdump-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150200.24.151.1.s390x", product: { name: "kselftests-kmp-default-5.3.18-150200.24.151.1.s390x", product_id: "kselftests-kmp-default-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", product: { name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", product_id: "ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", product: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", product_id: "reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", product: { name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", product_id: "cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product: { name: "cluster-md-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product_id: "cluster-md-kmp-preempt-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", product: { name: "dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", product_id: "dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product: { name: "dlm-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product_id: "dlm-kmp-preempt-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", product: { name: "gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", product_id: "gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product: { name: "gfs2-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product_id: "gfs2-kmp-preempt-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-debug-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-debug-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-debug-devel-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-debug-devel-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-debug-livepatch-devel-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-debug-livepatch-devel-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-default-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-default-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-default-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", product: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", product_id: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", product: { name: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", product_id: "kernel-default-base-rebuild-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-default-extra-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-default-extra-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-kvmsmall-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-kvmsmall-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-kvmsmall-devel-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-kvmsmall-devel-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-kvmsmall-livepatch-devel-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-kvmsmall-livepatch-devel-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", product: { name: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", product_id: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150200_24_151-preempt-1-150200.5.3.1.x86_64", product: { name: "kernel-livepatch-5_3_18-150200_24_151-preempt-1-150200.5.3.1.x86_64", product_id: "kernel-livepatch-5_3_18-150200_24_151-preempt-1-150200.5.3.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-obs-qa-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-obs-qa-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-preempt-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-preempt-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-extra-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-preempt-extra-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-preempt-extra-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-livepatch-devel-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-preempt-livepatch-devel-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-preempt-livepatch-devel-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150200.24.151.1.x86_64", product: { name: "kernel-syms-5.3.18-150200.24.151.1.x86_64", product_id: "kernel-syms-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150200.24.151.1.x86_64", product: { name: "kselftests-kmp-default-5.3.18-150200.24.151.1.x86_64", product_id: "kselftests-kmp-default-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product: { name: "kselftests-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product_id: "kselftests-kmp-preempt-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", product: { name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", product_id: "ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product: { name: "ocfs2-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product_id: "ocfs2-kmp-preempt-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", product: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", product_id: "reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product: { name: "reiserfs-kmp-preempt-5.3.18-150200.24.151.1.x86_64", product_id: "reiserfs-kmp-preempt-5.3.18-150200.24.151.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15 SP2", product: { name: "SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15 SP2", product: { name: "SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP2-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp2", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 7", product: { name: "SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7", product_identification_helper: { cpe: "cpe:/o:suse:ses:7", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", }, product_reference: "kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", }, product_reference: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", }, product_reference: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2", product_id: "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", }, product_reference: "kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", }, product_reference: "cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", }, product_reference: "cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", }, product_reference: "dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", }, product_reference: "dlm-kmp-default-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", }, product_reference: "gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", }, product_reference: "gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", }, product_reference: "ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", }, product_reference: "ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-devel-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-docs-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-macros-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-preempt-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-preempt-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-source-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-devel-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-docs-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-macros-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-preempt-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-preempt-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-source-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", }, product_reference: "reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", }, product_reference: "reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-devel-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-docs-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-macros-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-preempt-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150200.24.151.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-source-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", }, product_reference: "reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.aarch64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", }, product_reference: "kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.aarch64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150200.24.151.1.noarch as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-devel-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150200.24.151.1.noarch as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-docs-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150200.24.151.1.noarch as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-macros-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.aarch64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150200.24.151.1.aarch64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-preempt-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150200.24.151.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-preempt-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150200.24.151.1.noarch as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", }, product_reference: "kernel-source-5.3.18-150200.24.151.1.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.aarch64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150200.24.151.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", }, product_reference: "reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, ], }, vulnerabilities: [ { cve: "CVE-2020-36691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36691", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-36691", url: "https://www.suse.com/security/cve/CVE-2020-36691", }, { category: "external", summary: "SUSE Bug 1209613 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209613", }, { category: "external", summary: "SUSE Bug 1209777 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2020-36691", }, { cve: "CVE-2022-2196", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2196", }, ], notes: [ { category: "general", text: "A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-2196", url: "https://www.suse.com/security/cve/CVE-2022-2196", }, { category: "external", summary: "SUSE Bug 1206992 for CVE-2022-2196", url: "https://bugzilla.suse.com/1206992", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2022-2196", }, { cve: "CVE-2022-43945", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-43945", }, ], notes: [ { category: "general", text: "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-43945", url: "https://www.suse.com/security/cve/CVE-2022-43945", }, { category: "external", summary: "SUSE Bug 1205128 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205128", }, { category: "external", summary: "SUSE Bug 1205130 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205130", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208085", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-43945", url: "https://bugzilla.suse.com/1209225", }, { category: "external", summary: "SUSE Bug 1210124 for CVE-2022-43945", url: "https://bugzilla.suse.com/1210124", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "important", }, ], title: "CVE-2022-43945", }, { cve: "CVE-2023-1611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1611", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1611", url: "https://www.suse.com/security/cve/CVE-2023-1611", }, { category: "external", summary: "SUSE Bug 1209687 for CVE-2023-1611", url: "https://bugzilla.suse.com/1209687", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1838", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1838", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1838", url: "https://www.suse.com/security/cve/CVE-2023-1838", }, { category: "external", summary: "SUSE Bug 1210203 for CVE-2023-1838", url: "https://bugzilla.suse.com/1210203", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2023-1838", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1872", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1872", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation.\n\nThe io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered.\n\nWe recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1872", url: "https://www.suse.com/security/cve/CVE-2023-1872", }, { category: "external", summary: "SUSE Bug 1210414 for CVE-2023-1872", url: "https://bugzilla.suse.com/1210414", }, { category: "external", summary: "SUSE Bug 1210417 for CVE-2023-1872", url: "https://bugzilla.suse.com/1210417", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "important", }, ], title: "CVE-2023-1872", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2008", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2008", url: "https://www.suse.com/security/cve/CVE-2023-2008", }, { category: "external", summary: "SUSE Bug 1210453 for CVE-2023-2008", url: "https://bugzilla.suse.com/1210453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2023-2008", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-2176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2176", }, ], notes: [ { category: "general", text: "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2176", url: "https://www.suse.com/security/cve/CVE-2023-2176", }, { category: "external", summary: "SUSE Bug 1210629 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210629", }, { category: "external", summary: "SUSE Bug 1210630 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210630", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2176", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "important", }, ], title: "CVE-2023-2176", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Enterprise Storage 7:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_151-default-1-150200.5.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.aarch64", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.151.1.150200.9.73.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.151.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.151.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.151.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:03:56Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
suse-su-2023:2148-1
Vulnerability from csaf_suse
Published
2023-05-09 15:05
Modified
2023-05-09 15:05
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).
- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).
The following non-security bugs were fixed:
- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
- cifs: fix negotiate context parsing (bsc#1210301).
- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).
Patchnames
SUSE-2023-2148,SUSE-SLE-Module-Live-Patching-15-SP3-2023-2148,SUSE-SLE-Product-HA-15-SP3-2023-2148,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2148,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2148,SUSE-SLE-Product-RT-15-SP3-2023-2148,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2148,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2148,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-2148,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-2148,SUSE-SUSE-MicroOS-5.1-2023-2148,SUSE-SUSE-MicroOS-5.2-2023-2148,SUSE-Storage-7.1-2023-2148,openSUSE-SLE-15.4-2023-2148
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-1872:Fixed a use after free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).\n- CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).\n- CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).\n- CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).\n\nThe following non-security bugs were fixed:\n\n- Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).\n- cifs: fix negotiate context parsing (bsc#1210301).\n- keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).\n- vmxnet3: use gro callback when UPT is enabled (bsc#1209739).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2148,SUSE-SLE-Module-Live-Patching-15-SP3-2023-2148,SUSE-SLE-Product-HA-15-SP3-2023-2148,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2148,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2148,SUSE-SLE-Product-RT-15-SP3-2023-2148,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2148,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2148,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-2148,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-2148,SUSE-SUSE-MicroOS-5.1-2023-2148,SUSE-SUSE-MicroOS-5.2-2023-2148,SUSE-Storage-7.1-2023-2148,openSUSE-SLE-15.4-2023-2148", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2148-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2148-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232148-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2148-1", url: "https://lists.suse.com/pipermail/sle-updates/2023-May/029300.html", }, { category: "self", summary: "SUSE Bug 1202353", url: "https://bugzilla.suse.com/1202353", }, { category: "self", summary: "SUSE Bug 1205128", url: "https://bugzilla.suse.com/1205128", }, { category: "self", summary: "SUSE Bug 1206992", url: "https://bugzilla.suse.com/1206992", }, { category: "self", summary: "SUSE Bug 1207088", url: "https://bugzilla.suse.com/1207088", }, { category: "self", summary: "SUSE Bug 1209687", url: "https://bugzilla.suse.com/1209687", }, { category: "self", summary: "SUSE Bug 1209739", url: "https://bugzilla.suse.com/1209739", }, { category: "self", summary: "SUSE Bug 1209777", url: "https://bugzilla.suse.com/1209777", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1210202", url: "https://bugzilla.suse.com/1210202", }, { category: "self", summary: "SUSE Bug 1210203", url: "https://bugzilla.suse.com/1210203", }, { category: "self", summary: "SUSE Bug 1210301", url: "https://bugzilla.suse.com/1210301", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210414", url: "https://bugzilla.suse.com/1210414", }, { category: "self", summary: "SUSE Bug 1210453", url: "https://bugzilla.suse.com/1210453", }, { category: "self", summary: "SUSE Bug 1210469", url: "https://bugzilla.suse.com/1210469", }, { category: "self", summary: "SUSE Bug 1210498", url: "https://bugzilla.suse.com/1210498", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210629", url: "https://bugzilla.suse.com/1210629", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE CVE CVE-2020-36691 page", url: "https://www.suse.com/security/cve/CVE-2020-36691/", }, { category: "self", summary: "SUSE CVE CVE-2022-2196 page", url: "https://www.suse.com/security/cve/CVE-2022-2196/", }, { category: "self", summary: "SUSE CVE CVE-2022-43945 page", url: "https://www.suse.com/security/cve/CVE-2022-43945/", }, { category: "self", summary: "SUSE CVE CVE-2023-1611 page", url: "https://www.suse.com/security/cve/CVE-2023-1611/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1838 page", url: "https://www.suse.com/security/cve/CVE-2023-1838/", }, { category: "self", summary: "SUSE CVE CVE-2023-1855 page", url: "https://www.suse.com/security/cve/CVE-2023-1855/", }, { category: "self", summary: "SUSE CVE CVE-2023-1872 page", url: "https://www.suse.com/security/cve/CVE-2023-1872/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2008 page", url: "https://www.suse.com/security/cve/CVE-2023-2008/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-2176 page", url: "https://www.suse.com/security/cve/CVE-2023-2176/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-05-09T15:05:52Z", generator: { date: "2023-05-09T15:05:52Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2148-1", initial_release_date: "2023-05-09T15:05:52Z", revision_history: [ { date: "2023-05-09T15:05:52Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product: { name: "cluster-md-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product_id: "cluster-md-kmp-64kb-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", product: { name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", product_id: "cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product: { name: "cluster-md-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product_id: "cluster-md-kmp-preempt-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "dlm-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product: { name: "dlm-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product_id: "dlm-kmp-64kb-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", product: { name: "dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", product_id: "dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "dlm-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product: { name: "dlm-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product_id: "dlm-kmp-preempt-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "dtb-al-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-al-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-al-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-allwinner-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-allwinner-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-allwinner-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-altera-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-altera-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-altera-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-amd-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-amd-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-amd-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-amlogic-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-amlogic-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-amlogic-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-apm-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-apm-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-apm-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-arm-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-arm-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-arm-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-broadcom-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-broadcom-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-broadcom-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-cavium-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-cavium-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-cavium-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-exynos-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-exynos-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-exynos-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-freescale-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-freescale-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-freescale-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-hisilicon-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-hisilicon-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-hisilicon-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-lg-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-lg-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-lg-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-marvell-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-marvell-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-marvell-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-mediatek-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-mediatek-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-mediatek-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-nvidia-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-nvidia-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-nvidia-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-qcom-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-qcom-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-qcom-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-renesas-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-renesas-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-renesas-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-rockchip-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-rockchip-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-rockchip-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-socionext-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-socionext-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-socionext-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-sprd-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-sprd-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-sprd-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-xilinx-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-xilinx-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-xilinx-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "dtb-zte-5.3.18-150300.59.121.1.aarch64", product: { name: "dtb-zte-5.3.18-150300.59.121.1.aarch64", product_id: "dtb-zte-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product: { name: "gfs2-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product_id: "gfs2-kmp-64kb-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", product: { name: "gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", product_id: "gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product: { name: "gfs2-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product_id: "gfs2-kmp-preempt-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-64kb-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-64kb-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-64kb-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-64kb-extra-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-64kb-extra-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-64kb-extra-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-64kb-livepatch-devel-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-64kb-livepatch-devel-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-64kb-livepatch-devel-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-64kb-optional-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-64kb-optional-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-64kb-optional-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-default-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-default-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-default-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", product: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", product_id: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", product: { name: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", product_id: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-default-extra-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-default-extra-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-default-livepatch-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-default-livepatch-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-default-optional-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-default-optional-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-default-optional-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150300.59.121.1.aarch64", product: { name: "kernel-obs-qa-5.3.18-150300.59.121.1.aarch64", product_id: "kernel-obs-qa-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-preempt-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-preempt-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-preempt-extra-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-preempt-extra-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-preempt-extra-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-preempt-livepatch-devel-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-preempt-optional-5.3.18-150300.59.121.2.aarch64", product: { name: "kernel-preempt-optional-5.3.18-150300.59.121.2.aarch64", product_id: "kernel-preempt-optional-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150300.59.121.1.aarch64", product: { name: "kernel-syms-5.3.18-150300.59.121.1.aarch64", product_id: "kernel-syms-5.3.18-150300.59.121.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product: { name: "kselftests-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product_id: "kselftests-kmp-64kb-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150300.59.121.2.aarch64", product: { name: "kselftests-kmp-default-5.3.18-150300.59.121.2.aarch64", product_id: "kselftests-kmp-default-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product: { name: "kselftests-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product_id: "kselftests-kmp-preempt-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product: { name: "ocfs2-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product_id: "ocfs2-kmp-64kb-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", product: { name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", product_id: "ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product: { name: "ocfs2-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product_id: "ocfs2-kmp-preempt-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product: { name: "reiserfs-kmp-64kb-5.3.18-150300.59.121.2.aarch64", product_id: "reiserfs-kmp-64kb-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", product: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", product_id: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product: { name: "reiserfs-kmp-preempt-5.3.18-150300.59.121.2.aarch64", product_id: "reiserfs-kmp-preempt-5.3.18-150300.59.121.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-5.3.18-150300.59.121.2.noarch", product: { name: "kernel-devel-5.3.18-150300.59.121.2.noarch", product_id: "kernel-devel-5.3.18-150300.59.121.2.noarch", }, }, { category: "product_version", name: "kernel-docs-5.3.18-150300.59.121.2.noarch", product: { name: "kernel-docs-5.3.18-150300.59.121.2.noarch", product_id: "kernel-docs-5.3.18-150300.59.121.2.noarch", }, }, { category: "product_version", name: "kernel-docs-html-5.3.18-150300.59.121.2.noarch", product: { name: "kernel-docs-html-5.3.18-150300.59.121.2.noarch", product_id: "kernel-docs-html-5.3.18-150300.59.121.2.noarch", }, }, { category: "product_version", name: "kernel-macros-5.3.18-150300.59.121.2.noarch", product: { name: "kernel-macros-5.3.18-150300.59.121.2.noarch", product_id: "kernel-macros-5.3.18-150300.59.121.2.noarch", }, }, { category: "product_version", name: "kernel-source-5.3.18-150300.59.121.2.noarch", product: { name: "kernel-source-5.3.18-150300.59.121.2.noarch", product_id: "kernel-source-5.3.18-150300.59.121.2.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-5.3.18-150300.59.121.2.noarch", product: { name: "kernel-source-vanilla-5.3.18-150300.59.121.2.noarch", product_id: "kernel-source-vanilla-5.3.18-150300.59.121.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", product: { name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", product_id: "cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", product: { name: "dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", product_id: "dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", product: { name: "gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", product_id: "gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-debug-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-debug-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-debug-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-debug-devel-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-debug-devel-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-debug-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-debug-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-default-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-default-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", product: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", product_id: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", product: { name: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", product_id: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-default-extra-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-default-extra-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-optional-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-default-optional-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-default-optional-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-kvmsmall-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-kvmsmall-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-kvmsmall-devel-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-kvmsmall-devel-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", product: { name: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", product_id: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", product: { name: "kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", product_id: "kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150300.59.121.1.ppc64le", product: { name: "kernel-obs-qa-5.3.18-150300.59.121.1.ppc64le", product_id: "kernel-obs-qa-5.3.18-150300.59.121.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150300.59.121.1.ppc64le", product: { name: "kernel-syms-5.3.18-150300.59.121.1.ppc64le", product_id: "kernel-syms-5.3.18-150300.59.121.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150300.59.121.2.ppc64le", product: { name: "kselftests-kmp-default-5.3.18-150300.59.121.2.ppc64le", product_id: "kselftests-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", product: { name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", product_id: "ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", product: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", product_id: "reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", product: { name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", product_id: "cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150300.59.121.2.s390x", product: { name: "dlm-kmp-default-5.3.18-150300.59.121.2.s390x", product_id: "dlm-kmp-default-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", product: { name: "gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", product_id: "gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "kernel-default-5.3.18-150300.59.121.2.s390x", product: { name: "kernel-default-5.3.18-150300.59.121.2.s390x", product_id: "kernel-default-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", product: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", product_id: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.s390x", product: { name: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.s390x", product_id: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.s390x", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150300.59.121.2.s390x", product: { name: "kernel-default-devel-5.3.18-150300.59.121.2.s390x", product_id: "kernel-default-devel-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150300.59.121.2.s390x", product: { name: "kernel-default-extra-5.3.18-150300.59.121.2.s390x", product_id: "kernel-default-extra-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", product: { name: "kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", product_id: "kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", product: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", product_id: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "kernel-default-optional-5.3.18-150300.59.121.2.s390x", product: { name: "kernel-default-optional-5.3.18-150300.59.121.2.s390x", product_id: "kernel-default-optional-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", product: { name: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", product_id: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150300.59.121.2.s390x", product: { name: "kernel-obs-build-5.3.18-150300.59.121.2.s390x", product_id: "kernel-obs-build-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150300.59.121.1.s390x", product: { name: "kernel-obs-qa-5.3.18-150300.59.121.1.s390x", product_id: "kernel-obs-qa-5.3.18-150300.59.121.1.s390x", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150300.59.121.1.s390x", product: { name: "kernel-syms-5.3.18-150300.59.121.1.s390x", product_id: "kernel-syms-5.3.18-150300.59.121.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", product: { name: "kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", product_id: "kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150300.59.121.2.s390x", product: { name: "kselftests-kmp-default-5.3.18-150300.59.121.2.s390x", product_id: "kselftests-kmp-default-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", product: { name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", product_id: "ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", product: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", product_id: "reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", product: { name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", product_id: "cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product: { name: "cluster-md-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product_id: "cluster-md-kmp-preempt-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", product: { name: "dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", product_id: "dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "dlm-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product: { name: "dlm-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product_id: "dlm-kmp-preempt-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", product: { name: "gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", product_id: "gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product: { name: "gfs2-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product_id: "gfs2-kmp-preempt-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-debug-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-debug-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-debug-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-debug-devel-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-debug-devel-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-debug-livepatch-devel-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-debug-livepatch-devel-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-default-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-default-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", product: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", product_id: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", product: { name: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", product_id: "kernel-default-base-rebuild-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-default-extra-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-default-extra-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-default-optional-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-default-optional-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-default-optional-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-kvmsmall-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-kvmsmall-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-kvmsmall-devel-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-kvmsmall-devel-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", product: { name: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", product_id: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150300_59_121-preempt-1-150300.7.3.2.x86_64", product: { name: "kernel-livepatch-5_3_18-150300_59_121-preempt-1-150300.7.3.2.x86_64", product_id: "kernel-livepatch-5_3_18-150300_59_121-preempt-1-150300.7.3.2.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150300.59.121.1.x86_64", product: { name: "kernel-obs-qa-5.3.18-150300.59.121.1.x86_64", product_id: "kernel-obs-qa-5.3.18-150300.59.121.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-preempt-extra-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-preempt-extra-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-preempt-extra-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-preempt-livepatch-devel-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-preempt-optional-5.3.18-150300.59.121.2.x86_64", product: { name: "kernel-preempt-optional-5.3.18-150300.59.121.2.x86_64", product_id: "kernel-preempt-optional-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150300.59.121.1.x86_64", product: { name: "kernel-syms-5.3.18-150300.59.121.1.x86_64", product_id: "kernel-syms-5.3.18-150300.59.121.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150300.59.121.2.x86_64", product: { name: "kselftests-kmp-default-5.3.18-150300.59.121.2.x86_64", product_id: "kselftests-kmp-default-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product: { name: "kselftests-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product_id: "kselftests-kmp-preempt-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", product: { name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", product_id: "ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product: { name: "ocfs2-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product_id: "ocfs2-kmp-preempt-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", product: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", product_id: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product: { name: "reiserfs-kmp-preempt-5.3.18-150300.59.121.2.x86_64", product_id: "reiserfs-kmp-preempt-5.3.18-150300.59.121.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15 SP3", product: { name: "SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15 SP3", product: { name: "SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-espos:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Real Time 15 SP3", product: { name: "SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle_rt:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP3-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp3", }, }, }, { category: "product_name", name: "SUSE Manager Proxy 4.2", product: { name: "SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Server 4.2", product: { name: "SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:4.2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.1", product: { name: "SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.2", product: { name: "SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.2", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 7.1", product: { name: "SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1", product_identification_helper: { cpe: "cpe:/o:suse:ses:7.1", }, }, }, { category: "product_name", name: "openSUSE Leap 15.4", product: { name: "openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", }, product_reference: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", }, product_reference: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", }, product_reference: "kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-64kb-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-docs-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-source-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-64kb-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-docs-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-source-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-docs-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-source-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3", product_id: "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-64kb-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-docs-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-source-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-docs-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150300.59.121.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-source-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.121.2.noarch as component of SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Manager Proxy 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.121.2.noarch as component of SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Manager Proxy 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64 as component of SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.ppc64le as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.s390x as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.ppc64le as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.s390x as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.121.2.noarch as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.121.2.noarch as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64 as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-5.3.18-150300.59.121.2.s390x as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.s390x as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.3.18-150300.59.121.2.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-64kb-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.121.2.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150300.59.121.2.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-docs-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.121.2.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.121.2.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150300.59.121.2.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", }, product_reference: "kernel-source-5.3.18-150300.59.121.2.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.121.1.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150300.59.121.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64 as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "dtb-al-5.3.18-150300.59.121.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", }, product_reference: "dtb-al-5.3.18-150300.59.121.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, { category: "default_component_of", full_product_name: { name: "dtb-zte-5.3.18-150300.59.121.1.aarch64 as component of openSUSE Leap 15.4", product_id: "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", }, product_reference: "dtb-zte-5.3.18-150300.59.121.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.4", }, ], }, vulnerabilities: [ { cve: "CVE-2020-36691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36691", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2020-36691", url: "https://www.suse.com/security/cve/CVE-2020-36691", }, { category: "external", summary: "SUSE Bug 1209613 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209613", }, { category: "external", summary: "SUSE Bug 1209777 for CVE-2020-36691", url: "https://bugzilla.suse.com/1209777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2020-36691", }, { cve: "CVE-2022-2196", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-2196", }, ], notes: [ { category: "general", text: "A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2022-2196", url: "https://www.suse.com/security/cve/CVE-2022-2196", }, { category: "external", summary: "SUSE Bug 1206992 for CVE-2022-2196", url: "https://bugzilla.suse.com/1206992", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2022-2196", }, { cve: "CVE-2022-43945", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-43945", }, ], notes: [ { category: "general", text: "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2022-43945", url: "https://www.suse.com/security/cve/CVE-2022-43945", }, { category: "external", summary: "SUSE Bug 1205128 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205128", }, { category: "external", summary: "SUSE Bug 1205130 for CVE-2022-43945", url: "https://bugzilla.suse.com/1205130", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2022-43945", url: "https://bugzilla.suse.com/1208085", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2022-43945", url: "https://bugzilla.suse.com/1209225", }, { category: "external", summary: "SUSE Bug 1210124 for CVE-2022-43945", url: "https://bugzilla.suse.com/1210124", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "important", }, ], title: "CVE-2022-43945", }, { cve: "CVE-2023-1611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1611", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-1611", url: "https://www.suse.com/security/cve/CVE-2023-1611", }, { category: "external", summary: "SUSE Bug 1209687 for CVE-2023-1611", url: "https://bugzilla.suse.com/1209687", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1838", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1838", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-1838", url: "https://www.suse.com/security/cve/CVE-2023-1838", }, { category: "external", summary: "SUSE Bug 1210203 for CVE-2023-1838", url: "https://bugzilla.suse.com/1210203", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-1838", }, { cve: "CVE-2023-1855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1855", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-1855", url: "https://www.suse.com/security/cve/CVE-2023-1855", }, { category: "external", summary: "SUSE Bug 1210202 for CVE-2023-1855", url: "https://bugzilla.suse.com/1210202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1872", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1872", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation.\n\nThe io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered.\n\nWe recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-1872", url: "https://www.suse.com/security/cve/CVE-2023-1872", }, { category: "external", summary: "SUSE Bug 1210414 for CVE-2023-1872", url: "https://bugzilla.suse.com/1210414", }, { category: "external", summary: "SUSE Bug 1210417 for CVE-2023-1872", url: "https://bugzilla.suse.com/1210417", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "important", }, ], title: "CVE-2023-1872", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2008", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-2008", url: "https://www.suse.com/security/cve/CVE-2023-2008", }, { category: "external", summary: "SUSE Bug 1210453 for CVE-2023-2008", url: "https://bugzilla.suse.com/1210453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-2008", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-2176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2176", }, ], notes: [ { category: "general", text: "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-2176", url: "https://www.suse.com/security/cve/CVE-2023-2176", }, { category: "external", summary: "SUSE Bug 1210629 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210629", }, { category: "external", summary: "SUSE Bug 1210630 for CVE-2023-2176", url: "https://bugzilla.suse.com/1210630", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2176", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "important", }, ], title: "CVE-2023-2176", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Enterprise Storage 7.1:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Enterprise Storage 7.1:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Enterprise Storage 7.1:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_121-default-1-150300.7.3.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Real Time 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Real Time 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-64kb-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server 15 SP3-LTSS:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.aarch64", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.s390x", "SUSE Linux Enterprise Server 15 SP3-LTSS:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-docs-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-obs-build-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-preempt-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-source-5.3.18-150300.59.121.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kernel-syms-5.3.18-150300.59.121.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Proxy 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Proxy 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Proxy 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.s390x", "SUSE Manager Server 4.2:kernel-default-base-5.3.18-150300.59.121.2.150300.18.70.2.x86_64", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.ppc64le", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.s390x", "SUSE Manager Server 4.2:kernel-default-devel-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-devel-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-macros-5.3.18-150300.59.121.2.noarch", "SUSE Manager Server 4.2:kernel-preempt-5.3.18-150300.59.121.2.x86_64", "SUSE Manager Server 4.2:kernel-zfcpdump-5.3.18-150300.59.121.2.s390x", "openSUSE Leap 15.4:dtb-al-5.3.18-150300.59.121.1.aarch64", "openSUSE Leap 15.4:dtb-zte-5.3.18-150300.59.121.1.aarch64", ], }, ], threats: [ { category: "impact", date: "2023-05-09T15:05:52Z", details: "moderate", }, ], title: "CVE-2023-30772", }, ], }
wid-sec-w-2023-0962
Vulnerability from csaf_certbund
Published
2023-04-13 22:00
Modified
2023-11-12 23:00
Summary
Linux Kernel: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann eine Schwachstelle in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-0962 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0962.json", }, { category: "self", summary: "WID-SEC-2023-0962 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0962", }, { category: "external", summary: "Dell Security Advisory DSA-2023-317 vom 2023-11-13", url: "https://www.dell.com/support/kbdoc/de-de/000219148/dsa-2023-317-security-update-for-dell-networker-vproxy-multiple-linux-packages-vulnerabilities", }, { category: "external", summary: "Ubuntu Security Notice USN-6347-1 vom 2023-09-06", url: "https://ubuntu.com/security/notices/USN-6347-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6337-1 vom 2023-09-04", url: "https://ubuntu.com/security/notices/USN-6337-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6332-1 vom 2023-09-01", url: "https://ubuntu.com/security/notices/USN-6332-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6331-1 vom 2023-09-01", url: "https://ubuntu.com/security/notices/USN-6331-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6311-1 vom 2023-08-29", url: "https://ubuntu.com/security/notices/USN-6311-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6312-1 vom 2023-08-29", url: "https://ubuntu.com/security/notices/USN-6312-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6301-1 vom 2023-08-17", url: "https://ubuntu.com/security/notices/USN-6301-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6300-1 vom 2023-08-17", url: "https://ubuntu.com/security/notices/USN-6300-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6284-1 vom 2023-08-11", url: "https://ubuntu.com/security/notices/USN-6284-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6252-1 vom 2023-07-26", url: "https://ubuntu.com/security/notices/USN-6252-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6221-1 vom 2023-07-12", url: "https://ubuntu.com/security/notices/USN-6221-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2805-1 vom 2023-07-11", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015468.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6186-1 vom 2023-06-22", url: "https://ubuntu.com/security/notices/USN-6186-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6175-1 vom 2023-06-16", url: "https://ubuntu.com/security/notices/USN-6175-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2231-1 vom 2023-05-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014914.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2232-1 vom 2023-05-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014918.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2163-1 vom 2023-05-11", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014848.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2156-1 vom 2023-05-10", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014830.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2162-1 vom 2023-05-10", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014832.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2140-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014813.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2141-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014821.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2151-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014811.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2146-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014812.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2148-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014816.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2147-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014817.html", }, { category: "external", summary: "Debian Security Advisory DLA-3403 vom 2023-05-03", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", }, { category: "external", summary: "Debian Security Advisory DLA-3404 vom 2023-05-03", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5791-2 vom 2023-04-26", url: "https://ubuntu.com/security/notices/USN-6045-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6043-1 vom 2023-04-26", url: "https://ubuntu.com/security/notices/USN-6044-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6043-1 vom 2023-04-26", url: "https://ubuntu.com/security/notices/USN-6043-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6033-1 vom 2023-04-19", url: "https://ubuntu.com/security/notices/USN-6033-1", }, { category: "external", summary: "Github Advisory Database vom 2023-04-13", url: "https://github.com/advisories/GHSA-xh27-567v-j74r", }, ], source_lang: "en-US", title: "Linux Kernel: Schwachstelle ermöglicht Denial of Service", tracking: { current_release_date: "2023-11-12T23:00:00.000+00:00", generator: { date: "2024-08-15T17:48:51.335+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-0962", initial_release_date: "2023-04-13T22:00:00.000+00:00", revision_history: [ { date: "2023-04-13T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-04-19T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-04-26T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-05-02T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Debian aufgenommen", }, { date: "2023-05-03T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Debian aufgenommen", }, { date: "2023-05-09T22:00:00.000+00:00", number: "6", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-05-10T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-05-18T22:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-06-18T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-06-22T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-07-10T22:00:00.000+00:00", number: "11", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-07-12T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-07-26T22:00:00.000+00:00", number: "13", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-08-13T22:00:00.000+00:00", number: "14", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-08-17T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-08-28T22:00:00.000+00:00", number: "16", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-08-31T22:00:00.000+00:00", number: "17", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-09-04T22:00:00.000+00:00", number: "18", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-09-06T22:00:00.000+00:00", number: "19", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-11-12T23:00:00.000+00:00", number: "20", summary: "Neue Updates von Dell aufgenommen", }, ], status: "final", version: "20", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { branches: [ { category: "product_name", name: "Dell NetWorker < vproxy 19.9.0.2", product: { name: "Dell NetWorker < vproxy 19.9.0.2", product_id: "T030173", product_identification_helper: { cpe: "cpe:/a:dell:networker:vproxy_19.9.0.2", }, }, }, { category: "product_name", name: "Dell NetWorker < vproxy 19.8.0.3", product: { name: "Dell NetWorker < vproxy 19.8.0.3", product_id: "T030174", product_identification_helper: { cpe: "cpe:/a:dell:networker:vproxy_19.8.0.3", }, }, }, ], category: "product_name", name: "NetWorker", }, ], category: "vendor", name: "Dell", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel", product: { name: "Open Source Linux Kernel", product_id: "6368", product_identification_helper: { cpe: "cpe:/o:linux:linux_kernel:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2023-1990", notes: [ { category: "description", text: "Es existiert eine Schwachstelle im Linux-Kernel. Der Fehler besteht aufgrund eines Race Problems, das zu einem Use-after-free-Fehler in der Funktion \"ndlc_remove\" in [drivers/nfc/st-nci/ndlc.c] führt. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "2951", "T002207", "6368", "T000126", "T030174", "T030173", ], }, release_date: "2023-04-13T22:00:00.000+00:00", title: "CVE-2023-1990", }, ], }
WID-SEC-W-2023-0962
Vulnerability from csaf_certbund
Published
2023-04-13 22:00
Modified
2023-11-12 23:00
Summary
Linux Kernel: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann eine Schwachstelle in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-0962 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0962.json", }, { category: "self", summary: "WID-SEC-2023-0962 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0962", }, { category: "external", summary: "Dell Security Advisory DSA-2023-317 vom 2023-11-13", url: "https://www.dell.com/support/kbdoc/de-de/000219148/dsa-2023-317-security-update-for-dell-networker-vproxy-multiple-linux-packages-vulnerabilities", }, { category: "external", summary: "Ubuntu Security Notice USN-6347-1 vom 2023-09-06", url: "https://ubuntu.com/security/notices/USN-6347-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6337-1 vom 2023-09-04", url: "https://ubuntu.com/security/notices/USN-6337-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6332-1 vom 2023-09-01", url: "https://ubuntu.com/security/notices/USN-6332-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6331-1 vom 2023-09-01", url: "https://ubuntu.com/security/notices/USN-6331-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6311-1 vom 2023-08-29", url: "https://ubuntu.com/security/notices/USN-6311-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6312-1 vom 2023-08-29", url: "https://ubuntu.com/security/notices/USN-6312-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6301-1 vom 2023-08-17", url: "https://ubuntu.com/security/notices/USN-6301-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6300-1 vom 2023-08-17", url: "https://ubuntu.com/security/notices/USN-6300-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6284-1 vom 2023-08-11", url: "https://ubuntu.com/security/notices/USN-6284-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6252-1 vom 2023-07-26", url: "https://ubuntu.com/security/notices/USN-6252-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6221-1 vom 2023-07-12", url: "https://ubuntu.com/security/notices/USN-6221-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2805-1 vom 2023-07-11", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015468.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6186-1 vom 2023-06-22", url: "https://ubuntu.com/security/notices/USN-6186-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6175-1 vom 2023-06-16", url: "https://ubuntu.com/security/notices/USN-6175-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2231-1 vom 2023-05-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014914.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2232-1 vom 2023-05-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014918.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2163-1 vom 2023-05-11", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014848.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2156-1 vom 2023-05-10", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014830.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2162-1 vom 2023-05-10", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014832.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2140-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014813.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2141-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014821.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2151-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014811.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2146-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014812.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2148-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014816.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2147-1 vom 2023-05-09", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014817.html", }, { category: "external", summary: "Debian Security Advisory DLA-3403 vom 2023-05-03", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", }, { category: "external", summary: "Debian Security Advisory DLA-3404 vom 2023-05-03", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5791-2 vom 2023-04-26", url: "https://ubuntu.com/security/notices/USN-6045-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6043-1 vom 2023-04-26", url: "https://ubuntu.com/security/notices/USN-6044-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6043-1 vom 2023-04-26", url: "https://ubuntu.com/security/notices/USN-6043-1", }, { category: "external", summary: "Ubuntu Security Notice USN-6033-1 vom 2023-04-19", url: "https://ubuntu.com/security/notices/USN-6033-1", }, { category: "external", summary: "Github Advisory Database vom 2023-04-13", url: "https://github.com/advisories/GHSA-xh27-567v-j74r", }, ], source_lang: "en-US", title: "Linux Kernel: Schwachstelle ermöglicht Denial of Service", tracking: { current_release_date: "2023-11-12T23:00:00.000+00:00", generator: { date: "2024-08-15T17:48:51.335+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-0962", initial_release_date: "2023-04-13T22:00:00.000+00:00", revision_history: [ { date: "2023-04-13T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-04-19T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-04-26T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-05-02T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Debian aufgenommen", }, { date: "2023-05-03T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Debian aufgenommen", }, { date: "2023-05-09T22:00:00.000+00:00", number: "6", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-05-10T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-05-18T22:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-06-18T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-06-22T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-07-10T22:00:00.000+00:00", number: "11", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-07-12T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-07-26T22:00:00.000+00:00", number: "13", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-08-13T22:00:00.000+00:00", number: "14", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-08-17T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-08-28T22:00:00.000+00:00", number: "16", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-08-31T22:00:00.000+00:00", number: "17", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-09-04T22:00:00.000+00:00", number: "18", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-09-06T22:00:00.000+00:00", number: "19", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2023-11-12T23:00:00.000+00:00", number: "20", summary: "Neue Updates von Dell aufgenommen", }, ], status: "final", version: "20", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { branches: [ { category: "product_name", name: "Dell NetWorker < vproxy 19.9.0.2", product: { name: "Dell NetWorker < vproxy 19.9.0.2", product_id: "T030173", product_identification_helper: { cpe: "cpe:/a:dell:networker:vproxy_19.9.0.2", }, }, }, { category: "product_name", name: "Dell NetWorker < vproxy 19.8.0.3", product: { name: "Dell NetWorker < vproxy 19.8.0.3", product_id: "T030174", product_identification_helper: { cpe: "cpe:/a:dell:networker:vproxy_19.8.0.3", }, }, }, ], category: "product_name", name: "NetWorker", }, ], category: "vendor", name: "Dell", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel", product: { name: "Open Source Linux Kernel", product_id: "6368", product_identification_helper: { cpe: "cpe:/o:linux:linux_kernel:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2023-1990", notes: [ { category: "description", text: "Es existiert eine Schwachstelle im Linux-Kernel. Der Fehler besteht aufgrund eines Race Problems, das zu einem Use-after-free-Fehler in der Funktion \"ndlc_remove\" in [drivers/nfc/st-nci/ndlc.c] führt. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "2951", "T002207", "6368", "T000126", "T030174", "T030173", ], }, release_date: "2023-04-13T22:00:00.000+00:00", title: "CVE-2023-1990", }, ], }
WID-SEC-W-2024-0794
Vulnerability from csaf_certbund
Published
2024-04-04 22:00
Modified
2024-11-27 23:00
Summary
Dell ECS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dell ECS ist ein Objektspeichersystem.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Dell ECS ist ein Objektspeichersystem.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", title: "Angriff", }, { category: "general", text: "- Linux\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-0794 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0794.json", }, { category: "self", summary: "WID-SEC-2024-0794 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0794", }, { category: "external", summary: "Dell Security Advisory DSA-2024-141 vom 2024-04-04", url: "https://www.dell.com/support/kbdoc/000223839/dsa-2024-=", }, ], source_lang: "en-US", title: "Dell ECS: Mehrere Schwachstellen", tracking: { current_release_date: "2024-11-27T23:00:00.000+00:00", generator: { date: "2024-11-28T11:39:04.623+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2024-0794", initial_release_date: "2024-04-04T22:00:00.000+00:00", revision_history: [ { date: "2024-04-04T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-11-27T23:00:00.000+00:00", number: "2", summary: "Produktzuordnung überprüft", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<3.8.1.0", product: { name: "Dell ECS <3.8.1.0", product_id: "T033919", }, }, { category: "product_version", name: "3.8.1.0", product: { name: "Dell ECS 3.8.1.0", product_id: "T033919-fixed", product_identification_helper: { cpe: "cpe:/h:dell:ecs:3.8.1.0", }, }, }, ], category: "product_name", name: "ECS", }, ], category: "vendor", name: "Dell", }, ], }, vulnerabilities: [ { cve: "CVE-2018-18074", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2018-18074", }, { cve: "CVE-2020-10663", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10663", }, { cve: "CVE-2020-10672", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10672", }, { cve: "CVE-2020-10673", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10673", }, { cve: "CVE-2020-10735", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10735", }, { cve: "CVE-2020-10968", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10968", }, { cve: "CVE-2020-10969", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10969", }, { cve: "CVE-2020-11111", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11111", }, { cve: "CVE-2020-11112", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11112", }, { cve: "CVE-2020-11113", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11113", }, { cve: "CVE-2020-11612", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11612", }, { cve: "CVE-2020-11619", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11619", }, { cve: "CVE-2020-11620", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11620", }, { cve: "CVE-2020-11979", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11979", }, { cve: "CVE-2020-12762", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-12762", }, { cve: "CVE-2020-12825", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-12825", }, { cve: "CVE-2020-13956", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-13956", }, { cve: "CVE-2020-14060", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-14060", }, { cve: "CVE-2020-14061", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-14061", }, { cve: "CVE-2020-14062", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-14062", }, { cve: "CVE-2020-14195", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-14195", }, { cve: "CVE-2020-15250", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-15250", }, { cve: "CVE-2020-1945", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-1945", }, { cve: "CVE-2020-1967", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-1967", }, { cve: "CVE-2020-1971", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-1971", }, { cve: "CVE-2020-24616", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-24616", }, { cve: "CVE-2020-24750", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-24750", }, { cve: "CVE-2020-25649", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-25649", }, { cve: "CVE-2020-25658", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-25658", }, { cve: "CVE-2020-26116", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-26116", }, { cve: "CVE-2020-26137", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-26137", }, { cve: "CVE-2020-26541", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-26541", }, { cve: "CVE-2020-27216", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-27216", }, { cve: "CVE-2020-27218", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-27218", }, { cve: "CVE-2020-27223", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-27223", }, { cve: "CVE-2020-28366", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-28366", }, { cve: "CVE-2020-28493", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-28493", }, { cve: "CVE-2020-29509", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-29509", }, { cve: "CVE-2020-29511", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-29511", }, { cve: "CVE-2020-29582", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-29582", }, { cve: "CVE-2020-29651", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-29651", }, { cve: "CVE-2020-35490", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-35490", }, { cve: "CVE-2020-35491", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-35491", }, { cve: "CVE-2020-35728", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-35728", }, { cve: "CVE-2020-36179", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36179", }, { cve: "CVE-2020-36180", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36180", }, { cve: "CVE-2020-36181", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36181", }, { cve: "CVE-2020-36182", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36182", }, { cve: "CVE-2020-36183", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36183", }, { cve: "CVE-2020-36184", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36184", }, { cve: "CVE-2020-36185", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36185", }, { cve: "CVE-2020-36186", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36186", }, { cve: "CVE-2020-36187", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36187", }, { cve: "CVE-2020-36188", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36188", }, { cve: "CVE-2020-36189", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36189", }, { cve: "CVE-2020-36516", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36516", }, { cve: "CVE-2020-36518", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36518", }, { cve: "CVE-2020-36557", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36557", }, { cve: "CVE-2020-36558", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36558", }, { cve: "CVE-2020-36691", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36691", }, { cve: "CVE-2020-7238", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-7238", }, { cve: "CVE-2020-8840", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-8840", }, { cve: "CVE-2020-8908", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-8908", }, { cve: "CVE-2020-8911", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-8911", }, { cve: "CVE-2020-8912", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-8912", }, { cve: "CVE-2020-9488", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9488", }, { cve: "CVE-2020-9493", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9493", }, { cve: "CVE-2020-9546", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9546", }, { cve: "CVE-2020-9547", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9547", }, { cve: "CVE-2020-9548", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9548", }, { cve: "CVE-2021-20190", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-20190", }, { cve: "CVE-2021-20323", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-20323", }, { cve: "CVE-2021-21290", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-21290", }, { cve: "CVE-2021-21295", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-21295", }, { cve: "CVE-2021-21409", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-21409", }, { cve: "CVE-2021-23840", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-23840", }, { cve: "CVE-2021-23841", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-23841", }, { cve: "CVE-2021-2471", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-2471", }, { cve: "CVE-2021-25642", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-25642", }, { cve: "CVE-2021-26341", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-26341", }, { cve: "CVE-2021-27918", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-27918", }, { cve: "CVE-2021-28153", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-28153", }, { cve: "CVE-2021-28165", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-28165", }, { cve: "CVE-2021-28169", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-28169", }, { cve: "CVE-2021-28861", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-28861", }, { cve: "CVE-2021-29425", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-29425", }, { cve: "CVE-2021-30560", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-30560", }, { cve: "CVE-2021-3114", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3114", }, { cve: "CVE-2021-33036", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33036", }, { cve: "CVE-2021-33194", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33194", }, { cve: "CVE-2021-33195", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33195", }, { cve: "CVE-2021-33196", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33196", }, { cve: "CVE-2021-33197", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33197", }, { cve: "CVE-2021-33503", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33503", }, { cve: "CVE-2021-33655", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33655", }, { cve: "CVE-2021-33656", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33656", }, { cve: "CVE-2021-3424", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3424", }, { cve: "CVE-2021-34428", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-34428", }, { cve: "CVE-2021-3449", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3449", }, { cve: "CVE-2021-3450", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3450", }, { cve: "CVE-2021-3530", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3530", }, { cve: "CVE-2021-36221", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-36221", }, { cve: "CVE-2021-36373", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-36373", }, { cve: "CVE-2021-36374", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-36374", }, { cve: "CVE-2021-3648", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3648", }, { cve: "CVE-2021-36690", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-36690", }, { cve: "CVE-2021-3711", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3711", }, { cve: "CVE-2021-3712", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3712", }, { cve: "CVE-2021-37136", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-37136", }, { cve: "CVE-2021-37137", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-37137", }, { cve: "CVE-2021-37404", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-37404", }, { cve: "CVE-2021-37533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-37533", }, { cve: "CVE-2021-3754", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3754", }, { cve: "CVE-2021-3778", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3778", }, { cve: "CVE-2021-3796", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3796", }, { cve: "CVE-2021-3826", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3826", }, { cve: "CVE-2021-3827", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3827", }, { cve: "CVE-2021-38297", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-38297", }, { cve: "CVE-2021-3872", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3872", }, { cve: "CVE-2021-3875", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3875", }, { cve: "CVE-2021-3903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3903", }, { cve: "CVE-2021-3923", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3923", }, { cve: "CVE-2021-3927", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3927", }, { cve: "CVE-2021-3928", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3928", }, { cve: "CVE-2021-3968", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3968", }, { cve: "CVE-2021-3973", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3973", }, { cve: "CVE-2021-3974", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3974", }, { cve: "CVE-2021-3984", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3984", }, { cve: "CVE-2021-4019", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4019", }, { cve: "CVE-2021-4037", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4037", }, { cve: "CVE-2021-4069", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4069", }, { cve: "CVE-2021-4104", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4104", }, { cve: "CVE-2021-4136", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4136", }, { cve: "CVE-2021-4157", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4157", }, { cve: "CVE-2021-4166", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4166", }, { cve: "CVE-2021-41771", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-41771", }, { cve: "CVE-2021-4192", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4192", }, { cve: "CVE-2021-4193", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4193", }, { cve: "CVE-2021-4203", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4203", }, { cve: "CVE-2021-42567", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-42567", }, { cve: "CVE-2021-43797", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-43797", }, { cve: "CVE-2021-44531", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44531", }, { cve: "CVE-2021-44532", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44532", }, { cve: "CVE-2021-44533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44533", }, { cve: "CVE-2021-44716", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44716", }, { cve: "CVE-2021-44878", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44878", }, { cve: "CVE-2021-45078", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-45078", }, { cve: "CVE-2021-46195", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-46195", }, { cve: "CVE-2021-46828", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-46828", }, { cve: "CVE-2021-46848", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-46848", }, { cve: "CVE-2022-0128", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0128", }, { cve: "CVE-2022-0213", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0213", }, { cve: "CVE-2022-0225", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0225", }, { cve: "CVE-2022-0261", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0261", }, { cve: "CVE-2022-0318", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0318", }, { cve: "CVE-2022-0319", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0319", }, { cve: "CVE-2022-0351", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0351", }, { cve: "CVE-2022-0359", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0359", }, { cve: "CVE-2022-0361", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0361", }, { cve: "CVE-2022-0392", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0392", }, { cve: "CVE-2022-0407", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0407", }, { cve: "CVE-2022-0413", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0413", }, { cve: "CVE-2022-0561", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0561", }, { cve: "CVE-2022-0696", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0696", }, { cve: "CVE-2022-0778", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0778", }, { cve: "CVE-2022-1184", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1184", }, { cve: "CVE-2022-1245", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1245", }, { cve: "CVE-2022-1271", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1271", }, { cve: "CVE-2022-1292", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1292", }, { cve: "CVE-2022-1381", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1381", }, { cve: "CVE-2022-1420", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1420", }, { cve: "CVE-2022-1462", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1462", }, { cve: "CVE-2022-1466", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1466", }, { cve: "CVE-2022-1471", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1471", }, { cve: "CVE-2022-1586", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1586", }, { cve: "CVE-2022-1587", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1587", }, { cve: "CVE-2022-1616", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1616", }, { cve: "CVE-2022-1619", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1619", }, { cve: "CVE-2022-1620", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1620", }, { cve: "CVE-2022-1679", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1679", }, { cve: "CVE-2022-1705", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1705", }, { cve: "CVE-2022-1720", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1720", }, { cve: "CVE-2022-1729", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1729", }, { cve: "CVE-2022-1733", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1733", }, { cve: "CVE-2022-1735", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1735", }, { cve: "CVE-2022-1771", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1771", }, { cve: "CVE-2022-1785", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1785", }, { cve: "CVE-2022-1796", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1796", }, { cve: "CVE-2022-1851", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1851", }, { cve: "CVE-2022-1897", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1897", }, { cve: "CVE-2022-1898", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1898", }, { cve: "CVE-2022-1927", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1927", }, { cve: "CVE-2022-1962", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1962", }, { cve: "CVE-2022-1968", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1968", }, { cve: "CVE-2022-1974", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1974", }, { cve: "CVE-2022-1975", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1975", }, { cve: "CVE-2022-20132", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20132", }, { cve: "CVE-2022-20141", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20141", }, { cve: "CVE-2022-20154", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20154", }, { cve: "CVE-2022-20166", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20166", }, { cve: "CVE-2022-20368", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20368", }, { cve: "CVE-2022-20369", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20369", }, { cve: "CVE-2022-2047", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2047", }, { cve: "CVE-2022-2048", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2048", }, { cve: "CVE-2022-20567", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20567", }, { cve: "CVE-2022-2068", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2068", }, { cve: "CVE-2022-2097", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2097", }, { cve: "CVE-2022-21216", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21216", }, { cve: "CVE-2022-21233", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21233", }, { cve: "CVE-2022-2124", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2124", }, { cve: "CVE-2022-2125", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2125", }, { cve: "CVE-2022-2126", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2126", }, { cve: "CVE-2022-2129", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2129", }, { cve: "CVE-2022-21363", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21363", }, { cve: "CVE-2022-21385", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21385", }, { cve: "CVE-2022-21499", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21499", }, { cve: "CVE-2022-2153", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2153", }, { cve: "CVE-2022-21540", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21540", }, { cve: "CVE-2022-21541", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21541", }, { cve: "CVE-2022-21549", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21549", }, { cve: "CVE-2022-21618", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21618", }, { cve: "CVE-2022-21619", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21619", }, { cve: "CVE-2022-21624", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21624", }, { cve: "CVE-2022-21626", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21626", }, { cve: "CVE-2022-21628", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21628", }, { cve: "CVE-2022-21702", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21702", }, { cve: "CVE-2022-2175", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2175", }, { cve: "CVE-2022-2182", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2182", }, { cve: "CVE-2022-2183", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2183", }, { cve: "CVE-2022-2206", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2206", }, { cve: "CVE-2022-2207", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2207", }, { cve: "CVE-2022-2208", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2208", }, { cve: "CVE-2022-2210", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2210", }, { cve: "CVE-2022-2231", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2231", }, { cve: "CVE-2022-2256", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2256", }, { cve: "CVE-2022-2257", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2257", }, { cve: "CVE-2022-2264", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2264", }, { cve: "CVE-2022-2284", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2284", }, { cve: "CVE-2022-2285", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2285", }, { cve: "CVE-2022-2286", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2286", }, { cve: "CVE-2022-2287", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2287", }, { cve: "CVE-2022-22976", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-22976", }, { cve: "CVE-2022-22978", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-22978", }, { cve: "CVE-2022-2304", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2304", }, { cve: "CVE-2022-2318", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2318", }, { cve: "CVE-2022-23302", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23302", }, { cve: "CVE-2022-23305", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23305", }, { cve: "CVE-2022-23307", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23307", }, { cve: "CVE-2022-2343", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2343", }, { cve: "CVE-2022-2344", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2344", }, { cve: "CVE-2022-2345", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2345", }, { cve: "CVE-2022-23471", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23471", }, { cve: "CVE-2022-23521", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23521", }, { cve: "CVE-2022-23772", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23772", }, { cve: "CVE-2022-23773", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23773", }, { cve: "CVE-2022-24302", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-24302", }, { cve: "CVE-2022-24329", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-24329", }, { cve: "CVE-2022-24823", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-24823", }, { cve: "CVE-2022-24903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-24903", }, { cve: "CVE-2022-2503", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2503", }, { cve: "CVE-2022-25147", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-25147", }, { cve: "CVE-2022-25168", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-25168", }, { cve: "CVE-2022-2519", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2519", }, { cve: "CVE-2022-2520", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2520", }, { cve: "CVE-2022-2521", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2521", }, { cve: "CVE-2022-2522", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2522", }, { cve: "CVE-2022-25647", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-25647", }, { cve: "CVE-2022-2571", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2571", }, { cve: "CVE-2022-2580", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2580", }, { cve: "CVE-2022-2581", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2581", }, { cve: "CVE-2022-25857", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-25857", }, { cve: "CVE-2022-2588", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2588", }, { cve: "CVE-2022-2598", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2598", }, { cve: "CVE-2022-26148", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-26148", }, { cve: "CVE-2022-26365", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-26365", }, { cve: "CVE-2022-26373", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-26373", }, { cve: "CVE-2022-2639", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2639", }, { cve: "CVE-2022-26612", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-26612", }, { cve: "CVE-2022-2663", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2663", }, { cve: "CVE-2022-27781", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-27781", }, { cve: "CVE-2022-27782", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-27782", }, { cve: "CVE-2022-27943", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-27943", }, { cve: "CVE-2022-2795", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2795", }, { cve: "CVE-2022-28131", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-28131", }, { cve: "CVE-2022-2816", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2816", }, { cve: "CVE-2022-2817", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2817", }, { cve: "CVE-2022-2819", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2819", }, { cve: "CVE-2022-28327", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-28327", }, { cve: "CVE-2022-2845", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2845", }, { cve: "CVE-2022-2849", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2849", }, { cve: "CVE-2022-2862", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2862", }, { cve: "CVE-2022-2867", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2867", }, { cve: "CVE-2022-2868", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2868", }, { cve: "CVE-2022-2869", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2869", }, { cve: "CVE-2022-28693", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-28693", }, { cve: "CVE-2022-2874", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2874", }, { cve: "CVE-2022-28748", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-28748", }, { cve: "CVE-2022-2880", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2880", }, { cve: "CVE-2022-2889", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2889", }, { cve: "CVE-2022-29162", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29162", }, { cve: "CVE-2022-29187", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29187", }, { cve: "CVE-2022-2923", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2923", }, { cve: "CVE-2022-2946", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2946", }, { cve: "CVE-2022-29526", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29526", }, { cve: "CVE-2022-29583", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29583", }, { cve: "CVE-2022-2964", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2964", }, { cve: "CVE-2022-2977", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2977", }, { cve: "CVE-2022-2980", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2980", }, { cve: "CVE-2022-2982", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2982", }, { cve: "CVE-2022-29900", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29900", }, { cve: "CVE-2022-29901", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29901", }, { cve: "CVE-2022-2991", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2991", }, { cve: "CVE-2022-3016", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3016", }, { cve: "CVE-2022-3028", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3028", }, { cve: "CVE-2022-3037", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3037", }, { cve: "CVE-2022-30580", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30580", }, { cve: "CVE-2022-30630", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30630", }, { cve: "CVE-2022-30631", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30631", }, { cve: "CVE-2022-30632", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30632", }, { cve: "CVE-2022-30633", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30633", }, { cve: "CVE-2022-3099", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3099", }, { cve: "CVE-2022-31030", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-31030", }, { cve: "CVE-2022-31159", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-31159", }, { cve: "CVE-2022-3134", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3134", }, { cve: "CVE-2022-3153", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3153", }, { cve: "CVE-2022-3169", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3169", }, { cve: "CVE-2022-31690", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-31690", }, { cve: "CVE-2022-32148", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32148", }, { cve: "CVE-2022-32149", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32149", }, { cve: "CVE-2022-32206", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32206", }, { cve: "CVE-2022-32208", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32208", }, { cve: "CVE-2022-32221", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32221", }, { cve: "CVE-2022-3234", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3234", }, { cve: "CVE-2022-3235", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3235", }, { cve: "CVE-2022-3239", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3239", }, { cve: "CVE-2022-3278", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3278", }, { cve: "CVE-2022-3296", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3296", }, { cve: "CVE-2022-3297", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3297", }, { cve: "CVE-2022-33196", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33196", }, { cve: "CVE-2022-3324", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3324", }, { cve: "CVE-2022-3352", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3352", }, { cve: "CVE-2022-33740", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33740", }, { cve: "CVE-2022-33741", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33741", }, { cve: "CVE-2022-33742", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33742", }, { cve: "CVE-2022-33972", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33972", }, { cve: "CVE-2022-33981", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33981", }, { cve: "CVE-2022-34169", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-34169", }, { cve: "CVE-2022-3424", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3424", }, { cve: "CVE-2022-34266", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-34266", }, { cve: "CVE-2022-34526", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-34526", }, { cve: "CVE-2022-34903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-34903", }, { cve: "CVE-2022-3491", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3491", }, { cve: "CVE-2022-3515", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3515", }, { cve: "CVE-2022-3520", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3520", }, { cve: "CVE-2022-3521", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3521", }, { cve: "CVE-2022-3524", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3524", }, { cve: "CVE-2022-35252", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-35252", }, { cve: "CVE-2022-3542", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3542", }, { cve: "CVE-2022-3545", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3545", }, { cve: "CVE-2022-3564", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3564", }, { cve: "CVE-2022-3565", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3565", }, { cve: "CVE-2022-3566", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3566", }, { cve: "CVE-2022-3567", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3567", }, { cve: "CVE-2022-35737", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-35737", }, { cve: "CVE-2022-3586", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3586", }, { cve: "CVE-2022-3591", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3591", }, { cve: "CVE-2022-3594", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3594", }, { cve: "CVE-2022-3597", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3597", }, { cve: "CVE-2022-3599", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3599", }, { cve: "CVE-2022-36109", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36109", }, { cve: "CVE-2022-3621", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3621", }, { cve: "CVE-2022-3626", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3626", }, { cve: "CVE-2022-3627", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3627", }, { cve: "CVE-2022-3628", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3628", }, { cve: "CVE-2022-36280", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36280", }, { cve: "CVE-2022-3629", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3629", }, { cve: "CVE-2022-3635", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3635", }, { cve: "CVE-2022-3643", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3643", }, { cve: "CVE-2022-36437", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36437", }, { cve: "CVE-2022-3646", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3646", }, { cve: "CVE-2022-3649", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3649", }, { cve: "CVE-2022-36760", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36760", }, { cve: "CVE-2022-36879", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36879", }, { cve: "CVE-2022-36946", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36946", }, { cve: "CVE-2022-3705", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3705", }, { cve: "CVE-2022-37434", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-37434", }, { cve: "CVE-2022-37436", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-37436", }, { cve: "CVE-2022-37865", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-37865", }, { cve: "CVE-2022-37866", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-37866", }, { cve: "CVE-2022-38090", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38090", }, { cve: "CVE-2022-38096", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38096", }, { cve: "CVE-2022-38126", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38126", }, { cve: "CVE-2022-38127", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38127", }, { cve: "CVE-2022-38177", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38177", }, { cve: "CVE-2022-38178", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38178", }, { cve: "CVE-2022-3821", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3821", }, { cve: "CVE-2022-38533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38533", }, { cve: "CVE-2022-38749", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38749", }, { cve: "CVE-2022-38750", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38750", }, { cve: "CVE-2022-38751", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38751", }, { cve: "CVE-2022-38752", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38752", }, { cve: "CVE-2022-39028", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-39028", }, { cve: "CVE-2022-3903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3903", }, { cve: "CVE-2022-39188", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-39188", }, { cve: "CVE-2022-39399", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-39399", }, { cve: "CVE-2022-3970", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3970", }, { cve: "CVE-2022-40149", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40149", }, { cve: "CVE-2022-40150", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40150", }, { cve: "CVE-2022-40151", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40151", }, { cve: "CVE-2022-40152", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40152", }, { cve: "CVE-2022-40153", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40153", }, { cve: "CVE-2022-40303", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40303", }, { cve: "CVE-2022-40304", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40304", }, { cve: "CVE-2022-40307", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40307", }, { cve: "CVE-2022-40674", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40674", }, { cve: "CVE-2022-40768", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40768", }, { cve: "CVE-2022-40899", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40899", }, { cve: "CVE-2022-4095", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4095", }, { cve: "CVE-2022-41218", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41218", }, { cve: "CVE-2022-4129", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4129", }, { cve: "CVE-2022-4141", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4141", }, { cve: "CVE-2022-41717", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41717", }, { cve: "CVE-2022-41721", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41721", }, { cve: "CVE-2022-41848", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41848", }, { cve: "CVE-2022-41850", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41850", }, { cve: "CVE-2022-41854", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41854", }, { cve: "CVE-2022-41858", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41858", }, { cve: "CVE-2022-41881", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41881", }, { cve: "CVE-2022-41903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41903", }, { cve: "CVE-2022-41915", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41915", }, { cve: "CVE-2022-41966", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41966", }, { cve: "CVE-2022-41974", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41974", }, { cve: "CVE-2022-42003", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42003", }, { cve: "CVE-2022-42004", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42004", }, { cve: "CVE-2022-42010", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42010", }, { cve: "CVE-2022-42011", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42011", }, { cve: "CVE-2022-42012", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42012", }, { cve: "CVE-2022-42328", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42328", }, { cve: "CVE-2022-42329", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42329", }, { cve: "CVE-2022-42703", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42703", }, { cve: "CVE-2022-42889", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42889", }, { cve: "CVE-2022-42895", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42895", }, { cve: "CVE-2022-42896", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42896", }, { cve: "CVE-2022-42898", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42898", }, { cve: "CVE-2022-4292", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4292", }, { cve: "CVE-2022-4293", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4293", }, { cve: "CVE-2022-42969", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42969", }, { cve: "CVE-2022-4304", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4304", }, { cve: "CVE-2022-43552", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43552", }, { cve: "CVE-2022-43680", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43680", }, { cve: "CVE-2022-43750", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43750", }, { cve: "CVE-2022-4378", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4378", }, { cve: "CVE-2022-43945", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43945", }, { cve: "CVE-2022-43995", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43995", }, { cve: "CVE-2022-4415", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4415", }, { cve: "CVE-2022-4450", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4450", }, { cve: "CVE-2022-44638", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-44638", }, { cve: "CVE-2022-45061", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45061", }, { cve: "CVE-2022-45688", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45688", }, { cve: "CVE-2022-45884", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45884", }, { cve: "CVE-2022-45885", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45885", }, { cve: "CVE-2022-45886", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45886", }, { cve: "CVE-2022-45887", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45887", }, { cve: "CVE-2022-45919", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45919", }, { cve: "CVE-2022-45934", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45934", }, { cve: "CVE-2022-45939", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45939", }, { cve: "CVE-2022-4662", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4662", }, { cve: "CVE-2022-46751", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-46751", }, { cve: "CVE-2022-46908", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-46908", }, { cve: "CVE-2022-47629", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-47629", }, { cve: "CVE-2022-47929", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-47929", }, { cve: "CVE-2022-48281", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-48281", }, { cve: "CVE-2022-48337", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-48337", }, { cve: "CVE-2022-48339", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-48339", }, { cve: "CVE-2023-0045", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0045", }, { cve: "CVE-2023-0049", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0049", }, { cve: "CVE-2023-0051", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0051", }, { cve: "CVE-2023-0054", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0054", }, { cve: "CVE-2023-0215", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0215", }, { cve: "CVE-2023-0286", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0286", }, { cve: "CVE-2023-0288", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0288", }, { cve: "CVE-2023-0433", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0433", }, { cve: "CVE-2023-0464", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0464", }, { cve: "CVE-2023-0465", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0465", }, { cve: "CVE-2023-0466", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0466", }, { cve: "CVE-2023-0512", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0512", }, { cve: "CVE-2023-0590", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0590", }, { cve: "CVE-2023-0597", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0597", }, { cve: "CVE-2023-0833", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0833", }, { cve: "CVE-2023-1076", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1076", }, { cve: "CVE-2023-1095", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1095", }, { cve: "CVE-2023-1118", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1118", }, { cve: "CVE-2023-1127", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1127", }, { cve: "CVE-2023-1170", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1170", }, { cve: "CVE-2023-1175", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1175", }, { cve: "CVE-2023-1370", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1370", }, { cve: "CVE-2023-1380", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1380", }, { cve: "CVE-2023-1390", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1390", }, { cve: "CVE-2023-1436", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1436", }, { cve: "CVE-2023-1513", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1513", }, { cve: "CVE-2023-1611", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1998", }, { cve: "CVE-2023-20862", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-20862", }, { cve: "CVE-2023-2124", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2162", }, { cve: "CVE-2023-2176", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2176", }, { cve: "CVE-2023-21830", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21830", }, { cve: "CVE-2023-21835", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21835", }, { cve: "CVE-2023-21843", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21843", }, { cve: "CVE-2023-21930", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21930", }, { cve: "CVE-2023-21937", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21937", }, { cve: "CVE-2023-21938", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21938", }, { cve: "CVE-2023-21939", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21939", }, { cve: "CVE-2023-2194", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2194", }, { cve: "CVE-2023-21954", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21954", }, { cve: "CVE-2023-21967", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21967", }, { cve: "CVE-2023-21968", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21968", }, { cve: "CVE-2023-22490", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-22490", }, { cve: "CVE-2023-2253", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2253", }, { cve: "CVE-2023-22809", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-22809", }, { cve: "CVE-2023-23454", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23455", }, { cve: "CVE-2023-23559", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23559", }, { cve: "CVE-2023-23916", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23916", }, { cve: "CVE-2023-23946", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23946", }, { cve: "CVE-2023-24329", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-24329", }, { cve: "CVE-2023-24532", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-24532", }, { cve: "CVE-2023-24534", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-24534", }, { cve: "CVE-2023-2483", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2483", }, { cve: "CVE-2023-24998", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-24998", }, { cve: "CVE-2023-2513", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2513", }, { cve: "CVE-2023-25193", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25193", }, { cve: "CVE-2023-25652", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25652", }, { cve: "CVE-2023-25690", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25690", }, { cve: "CVE-2023-25809", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25809", }, { cve: "CVE-2023-25815", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25815", }, { cve: "CVE-2023-26048", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-26048", }, { cve: "CVE-2023-26049", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-26049", }, { cve: "CVE-2023-2650", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2650", }, { cve: "CVE-2023-26545", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-26545", }, { cve: "CVE-2023-26604", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-26604", }, { cve: "CVE-2023-27533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27533", }, { cve: "CVE-2023-27534", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27534", }, { cve: "CVE-2023-27535", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27535", }, { cve: "CVE-2023-27536", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27536", }, { cve: "CVE-2023-27538", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27538", }, { cve: "CVE-2023-27561", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27561", }, { cve: "CVE-2023-2828", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2828", }, { cve: "CVE-2023-28320", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28320", }, { cve: "CVE-2023-28321", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28321", }, { cve: "CVE-2023-28322", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28322", }, { cve: "CVE-2023-28328", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28328", }, { cve: "CVE-2023-28464", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28464", }, { cve: "CVE-2023-28486", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28486", }, { cve: "CVE-2023-28487", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28487", }, { cve: "CVE-2023-28642", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28642", }, { cve: "CVE-2023-28772", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28772", }, { cve: "CVE-2023-28840", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28840", }, { cve: "CVE-2023-28841", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28841", }, { cve: "CVE-2023-28842", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28842", }, { cve: "CVE-2023-29007", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29007", }, { cve: "CVE-2023-29383", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29383", }, { cve: "CVE-2023-29402", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29402", }, { cve: "CVE-2023-29406", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29406", }, { cve: "CVE-2023-29409", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29409", }, { cve: "CVE-2023-2976", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2976", }, { cve: "CVE-2023-30630", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-30630", }, { cve: "CVE-2023-30772", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-30772", }, { cve: "CVE-2023-31084", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-31084", }, { cve: "CVE-2023-3138", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-3138", }, { cve: "CVE-2023-31436", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-31436", }, { cve: "CVE-2023-31484", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-31484", }, { cve: "CVE-2023-32269", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-32269", }, { cve: "CVE-2023-32697", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-32697", }, { cve: "CVE-2023-33264", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-33264", }, { cve: "CVE-2023-34034", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34034", }, { cve: "CVE-2023-34035", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34035", }, { cve: "CVE-2023-34453", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34453", }, { cve: "CVE-2023-34454", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34454", }, { cve: "CVE-2023-34455", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34455", }, { cve: "CVE-2023-34462", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34462", }, { cve: "CVE-2023-35116", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-35116", }, { cve: "CVE-2023-3635", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-3635", }, { cve: "CVE-2023-36479", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-36479", }, { cve: "CVE-2023-39533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-39533", }, { cve: "CVE-2023-40167", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-40167", }, { cve: "CVE-2023-40217", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-40217", }, { cve: "CVE-2023-41105", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-41105", }, { cve: "CVE-2023-41900", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-41900", }, { cve: "CVE-2023-43642", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-43642", }, { cve: "CVE-2023-43804", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-43804", }, { cve: "CVE-2023-44487", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-44487", }, { cve: "CVE-2023-45803", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-45803", }, { cve: "CVE-2024-21626", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2024-21626", }, ], }
wid-sec-w-2024-0794
Vulnerability from csaf_certbund
Published
2024-04-04 22:00
Modified
2024-11-27 23:00
Summary
Dell ECS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dell ECS ist ein Objektspeichersystem.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Dell ECS ist ein Objektspeichersystem.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", title: "Angriff", }, { category: "general", text: "- Linux\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-0794 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0794.json", }, { category: "self", summary: "WID-SEC-2024-0794 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0794", }, { category: "external", summary: "Dell Security Advisory DSA-2024-141 vom 2024-04-04", url: "https://www.dell.com/support/kbdoc/000223839/dsa-2024-=", }, ], source_lang: "en-US", title: "Dell ECS: Mehrere Schwachstellen", tracking: { current_release_date: "2024-11-27T23:00:00.000+00:00", generator: { date: "2024-11-28T11:39:04.623+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2024-0794", initial_release_date: "2024-04-04T22:00:00.000+00:00", revision_history: [ { date: "2024-04-04T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-11-27T23:00:00.000+00:00", number: "2", summary: "Produktzuordnung überprüft", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<3.8.1.0", product: { name: "Dell ECS <3.8.1.0", product_id: "T033919", }, }, { category: "product_version", name: "3.8.1.0", product: { name: "Dell ECS 3.8.1.0", product_id: "T033919-fixed", product_identification_helper: { cpe: "cpe:/h:dell:ecs:3.8.1.0", }, }, }, ], category: "product_name", name: "ECS", }, ], category: "vendor", name: "Dell", }, ], }, vulnerabilities: [ { cve: "CVE-2018-18074", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2018-18074", }, { cve: "CVE-2020-10663", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10663", }, { cve: "CVE-2020-10672", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10672", }, { cve: "CVE-2020-10673", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10673", }, { cve: "CVE-2020-10735", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10735", }, { cve: "CVE-2020-10968", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10968", }, { cve: "CVE-2020-10969", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-10969", }, { cve: "CVE-2020-11111", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11111", }, { cve: "CVE-2020-11112", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11112", }, { cve: "CVE-2020-11113", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11113", }, { cve: "CVE-2020-11612", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11612", }, { cve: "CVE-2020-11619", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11619", }, { cve: "CVE-2020-11620", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11620", }, { cve: "CVE-2020-11979", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-11979", }, { cve: "CVE-2020-12762", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-12762", }, { cve: "CVE-2020-12825", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-12825", }, { cve: "CVE-2020-13956", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-13956", }, { cve: "CVE-2020-14060", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-14060", }, { cve: "CVE-2020-14061", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-14061", }, { cve: "CVE-2020-14062", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-14062", }, { cve: "CVE-2020-14195", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-14195", }, { cve: "CVE-2020-15250", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-15250", }, { cve: "CVE-2020-1945", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-1945", }, { cve: "CVE-2020-1967", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-1967", }, { cve: "CVE-2020-1971", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-1971", }, { cve: "CVE-2020-24616", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-24616", }, { cve: "CVE-2020-24750", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-24750", }, { cve: "CVE-2020-25649", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-25649", }, { cve: "CVE-2020-25658", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-25658", }, { cve: "CVE-2020-26116", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-26116", }, { cve: "CVE-2020-26137", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-26137", }, { cve: "CVE-2020-26541", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-26541", }, { cve: "CVE-2020-27216", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-27216", }, { cve: "CVE-2020-27218", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-27218", }, { cve: "CVE-2020-27223", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-27223", }, { cve: "CVE-2020-28366", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-28366", }, { cve: "CVE-2020-28493", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-28493", }, { cve: "CVE-2020-29509", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-29509", }, { cve: "CVE-2020-29511", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-29511", }, { cve: "CVE-2020-29582", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-29582", }, { cve: "CVE-2020-29651", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-29651", }, { cve: "CVE-2020-35490", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-35490", }, { cve: "CVE-2020-35491", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-35491", }, { cve: "CVE-2020-35728", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-35728", }, { cve: "CVE-2020-36179", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36179", }, { cve: "CVE-2020-36180", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36180", }, { cve: "CVE-2020-36181", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36181", }, { cve: "CVE-2020-36182", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36182", }, { cve: "CVE-2020-36183", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36183", }, { cve: "CVE-2020-36184", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36184", }, { cve: "CVE-2020-36185", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36185", }, { cve: "CVE-2020-36186", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36186", }, { cve: "CVE-2020-36187", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36187", }, { cve: "CVE-2020-36188", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36188", }, { cve: "CVE-2020-36189", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36189", }, { cve: "CVE-2020-36516", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36516", }, { cve: "CVE-2020-36518", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36518", }, { cve: "CVE-2020-36557", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36557", }, { cve: "CVE-2020-36558", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36558", }, { cve: "CVE-2020-36691", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-36691", }, { cve: "CVE-2020-7238", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-7238", }, { cve: "CVE-2020-8840", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-8840", }, { cve: "CVE-2020-8908", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-8908", }, { cve: "CVE-2020-8911", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-8911", }, { cve: "CVE-2020-8912", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-8912", }, { cve: "CVE-2020-9488", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9488", }, { cve: "CVE-2020-9493", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9493", }, { cve: "CVE-2020-9546", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9546", }, { cve: "CVE-2020-9547", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9547", }, { cve: "CVE-2020-9548", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2020-9548", }, { cve: "CVE-2021-20190", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-20190", }, { cve: "CVE-2021-20323", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-20323", }, { cve: "CVE-2021-21290", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-21290", }, { cve: "CVE-2021-21295", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-21295", }, { cve: "CVE-2021-21409", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-21409", }, { cve: "CVE-2021-23840", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-23840", }, { cve: "CVE-2021-23841", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-23841", }, { cve: "CVE-2021-2471", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-2471", }, { cve: "CVE-2021-25642", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-25642", }, { cve: "CVE-2021-26341", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-26341", }, { cve: "CVE-2021-27918", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-27918", }, { cve: "CVE-2021-28153", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-28153", }, { cve: "CVE-2021-28165", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-28165", }, { cve: "CVE-2021-28169", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-28169", }, { cve: "CVE-2021-28861", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-28861", }, { cve: "CVE-2021-29425", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-29425", }, { cve: "CVE-2021-30560", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-30560", }, { cve: "CVE-2021-3114", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3114", }, { cve: "CVE-2021-33036", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33036", }, { cve: "CVE-2021-33194", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33194", }, { cve: "CVE-2021-33195", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33195", }, { cve: "CVE-2021-33196", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33196", }, { cve: "CVE-2021-33197", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33197", }, { cve: "CVE-2021-33503", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33503", }, { cve: "CVE-2021-33655", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33655", }, { cve: "CVE-2021-33656", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-33656", }, { cve: "CVE-2021-3424", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3424", }, { cve: "CVE-2021-34428", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-34428", }, { cve: "CVE-2021-3449", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3449", }, { cve: "CVE-2021-3450", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3450", }, { cve: "CVE-2021-3530", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3530", }, { cve: "CVE-2021-36221", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-36221", }, { cve: "CVE-2021-36373", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-36373", }, { cve: "CVE-2021-36374", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-36374", }, { cve: "CVE-2021-3648", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3648", }, { cve: "CVE-2021-36690", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-36690", }, { cve: "CVE-2021-3711", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3711", }, { cve: "CVE-2021-3712", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3712", }, { cve: "CVE-2021-37136", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-37136", }, { cve: "CVE-2021-37137", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-37137", }, { cve: "CVE-2021-37404", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-37404", }, { cve: "CVE-2021-37533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-37533", }, { cve: "CVE-2021-3754", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3754", }, { cve: "CVE-2021-3778", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3778", }, { cve: "CVE-2021-3796", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3796", }, { cve: "CVE-2021-3826", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3826", }, { cve: "CVE-2021-3827", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3827", }, { cve: "CVE-2021-38297", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-38297", }, { cve: "CVE-2021-3872", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3872", }, { cve: "CVE-2021-3875", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3875", }, { cve: "CVE-2021-3903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3903", }, { cve: "CVE-2021-3923", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3923", }, { cve: "CVE-2021-3927", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3927", }, { cve: "CVE-2021-3928", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3928", }, { cve: "CVE-2021-3968", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3968", }, { cve: "CVE-2021-3973", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3973", }, { cve: "CVE-2021-3974", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3974", }, { cve: "CVE-2021-3984", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-3984", }, { cve: "CVE-2021-4019", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4019", }, { cve: "CVE-2021-4037", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4037", }, { cve: "CVE-2021-4069", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4069", }, { cve: "CVE-2021-4104", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4104", }, { cve: "CVE-2021-4136", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4136", }, { cve: "CVE-2021-4157", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4157", }, { cve: "CVE-2021-4166", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4166", }, { cve: "CVE-2021-41771", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-41771", }, { cve: "CVE-2021-4192", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4192", }, { cve: "CVE-2021-4193", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4193", }, { cve: "CVE-2021-4203", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-4203", }, { cve: "CVE-2021-42567", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-42567", }, { cve: "CVE-2021-43797", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-43797", }, { cve: "CVE-2021-44531", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44531", }, { cve: "CVE-2021-44532", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44532", }, { cve: "CVE-2021-44533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44533", }, { cve: "CVE-2021-44716", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44716", }, { cve: "CVE-2021-44878", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-44878", }, { cve: "CVE-2021-45078", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-45078", }, { cve: "CVE-2021-46195", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-46195", }, { cve: "CVE-2021-46828", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-46828", }, { cve: "CVE-2021-46848", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2021-46848", }, { cve: "CVE-2022-0128", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0128", }, { cve: "CVE-2022-0213", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0213", }, { cve: "CVE-2022-0225", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0225", }, { cve: "CVE-2022-0261", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0261", }, { cve: "CVE-2022-0318", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0318", }, { cve: "CVE-2022-0319", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0319", }, { cve: "CVE-2022-0351", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0351", }, { cve: "CVE-2022-0359", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0359", }, { cve: "CVE-2022-0361", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0361", }, { cve: "CVE-2022-0392", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0392", }, { cve: "CVE-2022-0407", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0407", }, { cve: "CVE-2022-0413", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0413", }, { cve: "CVE-2022-0561", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0561", }, { cve: "CVE-2022-0696", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0696", }, { cve: "CVE-2022-0778", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-0778", }, { cve: "CVE-2022-1184", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1184", }, { cve: "CVE-2022-1245", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1245", }, { cve: "CVE-2022-1271", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1271", }, { cve: "CVE-2022-1292", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1292", }, { cve: "CVE-2022-1381", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1381", }, { cve: "CVE-2022-1420", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1420", }, { cve: "CVE-2022-1462", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1462", }, { cve: "CVE-2022-1466", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1466", }, { cve: "CVE-2022-1471", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1471", }, { cve: "CVE-2022-1586", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1586", }, { cve: "CVE-2022-1587", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1587", }, { cve: "CVE-2022-1616", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1616", }, { cve: "CVE-2022-1619", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1619", }, { cve: "CVE-2022-1620", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1620", }, { cve: "CVE-2022-1679", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1679", }, { cve: "CVE-2022-1705", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1705", }, { cve: "CVE-2022-1720", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1720", }, { cve: "CVE-2022-1729", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1729", }, { cve: "CVE-2022-1733", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1733", }, { cve: "CVE-2022-1735", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1735", }, { cve: "CVE-2022-1771", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1771", }, { cve: "CVE-2022-1785", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1785", }, { cve: "CVE-2022-1796", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1796", }, { cve: "CVE-2022-1851", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1851", }, { cve: "CVE-2022-1897", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1897", }, { cve: "CVE-2022-1898", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1898", }, { cve: "CVE-2022-1927", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1927", }, { cve: "CVE-2022-1962", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1962", }, { cve: "CVE-2022-1968", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1968", }, { cve: "CVE-2022-1974", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1974", }, { cve: "CVE-2022-1975", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-1975", }, { cve: "CVE-2022-20132", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20132", }, { cve: "CVE-2022-20141", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20141", }, { cve: "CVE-2022-20154", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20154", }, { cve: "CVE-2022-20166", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20166", }, { cve: "CVE-2022-20368", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20368", }, { cve: "CVE-2022-20369", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20369", }, { cve: "CVE-2022-2047", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2047", }, { cve: "CVE-2022-2048", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2048", }, { cve: "CVE-2022-20567", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-20567", }, { cve: "CVE-2022-2068", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2068", }, { cve: "CVE-2022-2097", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2097", }, { cve: "CVE-2022-21216", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21216", }, { cve: "CVE-2022-21233", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21233", }, { cve: "CVE-2022-2124", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2124", }, { cve: "CVE-2022-2125", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2125", }, { cve: "CVE-2022-2126", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2126", }, { cve: "CVE-2022-2129", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2129", }, { cve: "CVE-2022-21363", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21363", }, { cve: "CVE-2022-21385", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21385", }, { cve: "CVE-2022-21499", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21499", }, { cve: "CVE-2022-2153", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2153", }, { cve: "CVE-2022-21540", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21540", }, { cve: "CVE-2022-21541", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21541", }, { cve: "CVE-2022-21549", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21549", }, { cve: "CVE-2022-21618", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21618", }, { cve: "CVE-2022-21619", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21619", }, { cve: "CVE-2022-21624", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21624", }, { cve: "CVE-2022-21626", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21626", }, { cve: "CVE-2022-21628", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21628", }, { cve: "CVE-2022-21702", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-21702", }, { cve: "CVE-2022-2175", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2175", }, { cve: "CVE-2022-2182", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2182", }, { cve: "CVE-2022-2183", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2183", }, { cve: "CVE-2022-2206", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2206", }, { cve: "CVE-2022-2207", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2207", }, { cve: "CVE-2022-2208", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2208", }, { cve: "CVE-2022-2210", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2210", }, { cve: "CVE-2022-2231", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2231", }, { cve: "CVE-2022-2256", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2256", }, { cve: "CVE-2022-2257", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2257", }, { cve: "CVE-2022-2264", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2264", }, { cve: "CVE-2022-2284", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2284", }, { cve: "CVE-2022-2285", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2285", }, { cve: "CVE-2022-2286", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2286", }, { cve: "CVE-2022-2287", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2287", }, { cve: "CVE-2022-22976", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-22976", }, { cve: "CVE-2022-22978", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-22978", }, { cve: "CVE-2022-2304", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2304", }, { cve: "CVE-2022-2318", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2318", }, { cve: "CVE-2022-23302", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23302", }, { cve: "CVE-2022-23305", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23305", }, { cve: "CVE-2022-23307", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23307", }, { cve: "CVE-2022-2343", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2343", }, { cve: "CVE-2022-2344", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2344", }, { cve: "CVE-2022-2345", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2345", }, { cve: "CVE-2022-23471", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23471", }, { cve: "CVE-2022-23521", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23521", }, { cve: "CVE-2022-23772", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23772", }, { cve: "CVE-2022-23773", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-23773", }, { cve: "CVE-2022-24302", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-24302", }, { cve: "CVE-2022-24329", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-24329", }, { cve: "CVE-2022-24823", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-24823", }, { cve: "CVE-2022-24903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-24903", }, { cve: "CVE-2022-2503", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2503", }, { cve: "CVE-2022-25147", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-25147", }, { cve: "CVE-2022-25168", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-25168", }, { cve: "CVE-2022-2519", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2519", }, { cve: "CVE-2022-2520", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2520", }, { cve: "CVE-2022-2521", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2521", }, { cve: "CVE-2022-2522", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2522", }, { cve: "CVE-2022-25647", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-25647", }, { cve: "CVE-2022-2571", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2571", }, { cve: "CVE-2022-2580", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2580", }, { cve: "CVE-2022-2581", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2581", }, { cve: "CVE-2022-25857", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-25857", }, { cve: "CVE-2022-2588", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2588", }, { cve: "CVE-2022-2598", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2598", }, { cve: "CVE-2022-26148", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-26148", }, { cve: "CVE-2022-26365", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-26365", }, { cve: "CVE-2022-26373", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-26373", }, { cve: "CVE-2022-2639", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2639", }, { cve: "CVE-2022-26612", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-26612", }, { cve: "CVE-2022-2663", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2663", }, { cve: "CVE-2022-27781", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-27781", }, { cve: "CVE-2022-27782", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-27782", }, { cve: "CVE-2022-27943", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-27943", }, { cve: "CVE-2022-2795", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2795", }, { cve: "CVE-2022-28131", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-28131", }, { cve: "CVE-2022-2816", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2816", }, { cve: "CVE-2022-2817", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2817", }, { cve: "CVE-2022-2819", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2819", }, { cve: "CVE-2022-28327", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-28327", }, { cve: "CVE-2022-2845", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2845", }, { cve: "CVE-2022-2849", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2849", }, { cve: "CVE-2022-2862", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2862", }, { cve: "CVE-2022-2867", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2867", }, { cve: "CVE-2022-2868", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2868", }, { cve: "CVE-2022-2869", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2869", }, { cve: "CVE-2022-28693", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-28693", }, { cve: "CVE-2022-2874", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2874", }, { cve: "CVE-2022-28748", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-28748", }, { cve: "CVE-2022-2880", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2880", }, { cve: "CVE-2022-2889", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2889", }, { cve: "CVE-2022-29162", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29162", }, { cve: "CVE-2022-29187", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29187", }, { cve: "CVE-2022-2923", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2923", }, { cve: "CVE-2022-2946", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2946", }, { cve: "CVE-2022-29526", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29526", }, { cve: "CVE-2022-29583", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29583", }, { cve: "CVE-2022-2964", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2964", }, { cve: "CVE-2022-2977", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2977", }, { cve: "CVE-2022-2980", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2980", }, { cve: "CVE-2022-2982", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2982", }, { cve: "CVE-2022-29900", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29900", }, { cve: "CVE-2022-29901", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-29901", }, { cve: "CVE-2022-2991", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-2991", }, { cve: "CVE-2022-3016", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3016", }, { cve: "CVE-2022-3028", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3028", }, { cve: "CVE-2022-3037", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3037", }, { cve: "CVE-2022-30580", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30580", }, { cve: "CVE-2022-30630", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30630", }, { cve: "CVE-2022-30631", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30631", }, { cve: "CVE-2022-30632", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30632", }, { cve: "CVE-2022-30633", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-30633", }, { cve: "CVE-2022-3099", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3099", }, { cve: "CVE-2022-31030", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-31030", }, { cve: "CVE-2022-31159", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-31159", }, { cve: "CVE-2022-3134", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3134", }, { cve: "CVE-2022-3153", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3153", }, { cve: "CVE-2022-3169", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3169", }, { cve: "CVE-2022-31690", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-31690", }, { cve: "CVE-2022-32148", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32148", }, { cve: "CVE-2022-32149", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32149", }, { cve: "CVE-2022-32206", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32206", }, { cve: "CVE-2022-32208", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32208", }, { cve: "CVE-2022-32221", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-32221", }, { cve: "CVE-2022-3234", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3234", }, { cve: "CVE-2022-3235", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3235", }, { cve: "CVE-2022-3239", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3239", }, { cve: "CVE-2022-3278", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3278", }, { cve: "CVE-2022-3296", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3296", }, { cve: "CVE-2022-3297", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3297", }, { cve: "CVE-2022-33196", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33196", }, { cve: "CVE-2022-3324", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3324", }, { cve: "CVE-2022-3352", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3352", }, { cve: "CVE-2022-33740", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33740", }, { cve: "CVE-2022-33741", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33741", }, { cve: "CVE-2022-33742", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33742", }, { cve: "CVE-2022-33972", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33972", }, { cve: "CVE-2022-33981", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-33981", }, { cve: "CVE-2022-34169", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-34169", }, { cve: "CVE-2022-3424", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3424", }, { cve: "CVE-2022-34266", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-34266", }, { cve: "CVE-2022-34526", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-34526", }, { cve: "CVE-2022-34903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-34903", }, { cve: "CVE-2022-3491", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3491", }, { cve: "CVE-2022-3515", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3515", }, { cve: "CVE-2022-3520", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3520", }, { cve: "CVE-2022-3521", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3521", }, { cve: "CVE-2022-3524", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3524", }, { cve: "CVE-2022-35252", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-35252", }, { cve: "CVE-2022-3542", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3542", }, { cve: "CVE-2022-3545", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3545", }, { cve: "CVE-2022-3564", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3564", }, { cve: "CVE-2022-3565", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3565", }, { cve: "CVE-2022-3566", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3566", }, { cve: "CVE-2022-3567", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3567", }, { cve: "CVE-2022-35737", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-35737", }, { cve: "CVE-2022-3586", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3586", }, { cve: "CVE-2022-3591", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3591", }, { cve: "CVE-2022-3594", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3594", }, { cve: "CVE-2022-3597", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3597", }, { cve: "CVE-2022-3599", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3599", }, { cve: "CVE-2022-36109", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36109", }, { cve: "CVE-2022-3621", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3621", }, { cve: "CVE-2022-3626", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3626", }, { cve: "CVE-2022-3627", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3627", }, { cve: "CVE-2022-3628", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3628", }, { cve: "CVE-2022-36280", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36280", }, { cve: "CVE-2022-3629", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3629", }, { cve: "CVE-2022-3635", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3635", }, { cve: "CVE-2022-3643", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3643", }, { cve: "CVE-2022-36437", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36437", }, { cve: "CVE-2022-3646", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3646", }, { cve: "CVE-2022-3649", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3649", }, { cve: "CVE-2022-36760", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36760", }, { cve: "CVE-2022-36879", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36879", }, { cve: "CVE-2022-36946", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-36946", }, { cve: "CVE-2022-3705", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3705", }, { cve: "CVE-2022-37434", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-37434", }, { cve: "CVE-2022-37436", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-37436", }, { cve: "CVE-2022-37865", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-37865", }, { cve: "CVE-2022-37866", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-37866", }, { cve: "CVE-2022-38090", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38090", }, { cve: "CVE-2022-38096", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38096", }, { cve: "CVE-2022-38126", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38126", }, { cve: "CVE-2022-38127", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38127", }, { cve: "CVE-2022-38177", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38177", }, { cve: "CVE-2022-38178", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38178", }, { cve: "CVE-2022-3821", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3821", }, { cve: "CVE-2022-38533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38533", }, { cve: "CVE-2022-38749", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38749", }, { cve: "CVE-2022-38750", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38750", }, { cve: "CVE-2022-38751", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38751", }, { cve: "CVE-2022-38752", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-38752", }, { cve: "CVE-2022-39028", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-39028", }, { cve: "CVE-2022-3903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3903", }, { cve: "CVE-2022-39188", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-39188", }, { cve: "CVE-2022-39399", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-39399", }, { cve: "CVE-2022-3970", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-3970", }, { cve: "CVE-2022-40149", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40149", }, { cve: "CVE-2022-40150", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40150", }, { cve: "CVE-2022-40151", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40151", }, { cve: "CVE-2022-40152", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40152", }, { cve: "CVE-2022-40153", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40153", }, { cve: "CVE-2022-40303", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40303", }, { cve: "CVE-2022-40304", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40304", }, { cve: "CVE-2022-40307", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40307", }, { cve: "CVE-2022-40674", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40674", }, { cve: "CVE-2022-40768", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40768", }, { cve: "CVE-2022-40899", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-40899", }, { cve: "CVE-2022-4095", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4095", }, { cve: "CVE-2022-41218", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41218", }, { cve: "CVE-2022-4129", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4129", }, { cve: "CVE-2022-4141", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4141", }, { cve: "CVE-2022-41717", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41717", }, { cve: "CVE-2022-41721", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41721", }, { cve: "CVE-2022-41848", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41848", }, { cve: "CVE-2022-41850", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41850", }, { cve: "CVE-2022-41854", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41854", }, { cve: "CVE-2022-41858", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41858", }, { cve: "CVE-2022-41881", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41881", }, { cve: "CVE-2022-41903", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41903", }, { cve: "CVE-2022-41915", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41915", }, { cve: "CVE-2022-41966", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41966", }, { cve: "CVE-2022-41974", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-41974", }, { cve: "CVE-2022-42003", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42003", }, { cve: "CVE-2022-42004", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42004", }, { cve: "CVE-2022-42010", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42010", }, { cve: "CVE-2022-42011", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42011", }, { cve: "CVE-2022-42012", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42012", }, { cve: "CVE-2022-42328", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42328", }, { cve: "CVE-2022-42329", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42329", }, { cve: "CVE-2022-42703", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42703", }, { cve: "CVE-2022-42889", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42889", }, { cve: "CVE-2022-42895", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42895", }, { cve: "CVE-2022-42896", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42896", }, { cve: "CVE-2022-42898", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42898", }, { cve: "CVE-2022-4292", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4292", }, { cve: "CVE-2022-4293", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4293", }, { cve: "CVE-2022-42969", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-42969", }, { cve: "CVE-2022-4304", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4304", }, { cve: "CVE-2022-43552", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43552", }, { cve: "CVE-2022-43680", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43680", }, { cve: "CVE-2022-43750", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43750", }, { cve: "CVE-2022-4378", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4378", }, { cve: "CVE-2022-43945", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43945", }, { cve: "CVE-2022-43995", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-43995", }, { cve: "CVE-2022-4415", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4415", }, { cve: "CVE-2022-4450", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4450", }, { cve: "CVE-2022-44638", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-44638", }, { cve: "CVE-2022-45061", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45061", }, { cve: "CVE-2022-45688", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45688", }, { cve: "CVE-2022-45884", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45884", }, { cve: "CVE-2022-45885", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45885", }, { cve: "CVE-2022-45886", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45886", }, { cve: "CVE-2022-45887", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45887", }, { cve: "CVE-2022-45919", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45919", }, { cve: "CVE-2022-45934", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45934", }, { cve: "CVE-2022-45939", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-45939", }, { cve: "CVE-2022-4662", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-4662", }, { cve: "CVE-2022-46751", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-46751", }, { cve: "CVE-2022-46908", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-46908", }, { cve: "CVE-2022-47629", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-47629", }, { cve: "CVE-2022-47929", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-47929", }, { cve: "CVE-2022-48281", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-48281", }, { cve: "CVE-2022-48337", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-48337", }, { cve: "CVE-2022-48339", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2022-48339", }, { cve: "CVE-2023-0045", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0045", }, { cve: "CVE-2023-0049", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0049", }, { cve: "CVE-2023-0051", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0051", }, { cve: "CVE-2023-0054", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0054", }, { cve: "CVE-2023-0215", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0215", }, { cve: "CVE-2023-0286", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0286", }, { cve: "CVE-2023-0288", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0288", }, { cve: "CVE-2023-0433", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0433", }, { cve: "CVE-2023-0464", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0464", }, { cve: "CVE-2023-0465", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0465", }, { cve: "CVE-2023-0466", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0466", }, { cve: "CVE-2023-0512", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0512", }, { cve: "CVE-2023-0590", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0590", }, { cve: "CVE-2023-0597", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0597", }, { cve: "CVE-2023-0833", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-0833", }, { cve: "CVE-2023-1076", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1076", }, { cve: "CVE-2023-1095", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1095", }, { cve: "CVE-2023-1118", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1118", }, { cve: "CVE-2023-1127", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1127", }, { cve: "CVE-2023-1170", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1170", }, { cve: "CVE-2023-1175", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1175", }, { cve: "CVE-2023-1370", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1370", }, { cve: "CVE-2023-1380", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1380", }, { cve: "CVE-2023-1390", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1390", }, { cve: "CVE-2023-1436", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1436", }, { cve: "CVE-2023-1513", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1513", }, { cve: "CVE-2023-1611", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1670", }, { cve: "CVE-2023-1855", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1855", }, { cve: "CVE-2023-1989", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-1998", }, { cve: "CVE-2023-20862", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-20862", }, { cve: "CVE-2023-2124", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2162", }, { cve: "CVE-2023-2176", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2176", }, { cve: "CVE-2023-21830", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21830", }, { cve: "CVE-2023-21835", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21835", }, { cve: "CVE-2023-21843", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21843", }, { cve: "CVE-2023-21930", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21930", }, { cve: "CVE-2023-21937", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21937", }, { cve: "CVE-2023-21938", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21938", }, { cve: "CVE-2023-21939", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21939", }, { cve: "CVE-2023-2194", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2194", }, { cve: "CVE-2023-21954", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21954", }, { cve: "CVE-2023-21967", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21967", }, { cve: "CVE-2023-21968", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-21968", }, { cve: "CVE-2023-22490", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-22490", }, { cve: "CVE-2023-2253", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2253", }, { cve: "CVE-2023-22809", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-22809", }, { cve: "CVE-2023-23454", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23455", }, { cve: "CVE-2023-23559", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23559", }, { cve: "CVE-2023-23916", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23916", }, { cve: "CVE-2023-23946", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-23946", }, { cve: "CVE-2023-24329", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-24329", }, { cve: "CVE-2023-24532", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-24532", }, { cve: "CVE-2023-24534", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-24534", }, { cve: "CVE-2023-2483", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2483", }, { cve: "CVE-2023-24998", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-24998", }, { cve: "CVE-2023-2513", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2513", }, { cve: "CVE-2023-25193", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25193", }, { cve: "CVE-2023-25652", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25652", }, { cve: "CVE-2023-25690", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25690", }, { cve: "CVE-2023-25809", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25809", }, { cve: "CVE-2023-25815", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-25815", }, { cve: "CVE-2023-26048", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-26048", }, { cve: "CVE-2023-26049", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-26049", }, { cve: "CVE-2023-2650", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2650", }, { cve: "CVE-2023-26545", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-26545", }, { cve: "CVE-2023-26604", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-26604", }, { cve: "CVE-2023-27533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27533", }, { cve: "CVE-2023-27534", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27534", }, { cve: "CVE-2023-27535", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27535", }, { cve: "CVE-2023-27536", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27536", }, { cve: "CVE-2023-27538", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27538", }, { cve: "CVE-2023-27561", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-27561", }, { cve: "CVE-2023-2828", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2828", }, { cve: "CVE-2023-28320", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28320", }, { cve: "CVE-2023-28321", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28321", }, { cve: "CVE-2023-28322", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28322", }, { cve: "CVE-2023-28328", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28328", }, { cve: "CVE-2023-28464", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28464", }, { cve: "CVE-2023-28486", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28486", }, { cve: "CVE-2023-28487", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28487", }, { cve: "CVE-2023-28642", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28642", }, { cve: "CVE-2023-28772", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28772", }, { cve: "CVE-2023-28840", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28840", }, { cve: "CVE-2023-28841", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28841", }, { cve: "CVE-2023-28842", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-28842", }, { cve: "CVE-2023-29007", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29007", }, { cve: "CVE-2023-29383", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29383", }, { cve: "CVE-2023-29402", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29402", }, { cve: "CVE-2023-29406", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29406", }, { cve: "CVE-2023-29409", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-29409", }, { cve: "CVE-2023-2976", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-2976", }, { cve: "CVE-2023-30630", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-30630", }, { cve: "CVE-2023-30772", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-30772", }, { cve: "CVE-2023-31084", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-31084", }, { cve: "CVE-2023-3138", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-3138", }, { cve: "CVE-2023-31436", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-31436", }, { cve: "CVE-2023-31484", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-31484", }, { cve: "CVE-2023-32269", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-32269", }, { cve: "CVE-2023-32697", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-32697", }, { cve: "CVE-2023-33264", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-33264", }, { cve: "CVE-2023-34034", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34034", }, { cve: "CVE-2023-34035", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34035", }, { cve: "CVE-2023-34453", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34453", }, { cve: "CVE-2023-34454", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34454", }, { cve: "CVE-2023-34455", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34455", }, { cve: "CVE-2023-34462", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-34462", }, { cve: "CVE-2023-35116", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-35116", }, { cve: "CVE-2023-3635", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-3635", }, { cve: "CVE-2023-36479", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-36479", }, { cve: "CVE-2023-39533", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-39533", }, { cve: "CVE-2023-40167", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-40167", }, { cve: "CVE-2023-40217", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-40217", }, { cve: "CVE-2023-41105", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-41105", }, { cve: "CVE-2023-41900", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-41900", }, { cve: "CVE-2023-43642", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-43642", }, { cve: "CVE-2023-43804", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-43804", }, { cve: "CVE-2023-44487", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-44487", }, { cve: "CVE-2023-45803", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2023-45803", }, { cve: "CVE-2024-21626", notes: [ { category: "description", text: "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T033919", ], }, release_date: "2024-04-04T22:00:00.000+00:00", title: "CVE-2024-21626", }, ], }
gsd-2023-1990
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.
Aliases
Aliases
{ GSD: { alias: "CVE-2023-1990", id: "GSD-2023-1990", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-1990", ], details: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", id: "GSD-2023-1990", modified: "2023-12-13T01:20:41.419043Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2023-1990", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Linux", version: { version_data: [ { version_value: "Linux Kernel prior to Kernel 6.3 RC3", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416", }, ], }, ], }, references: { reference_data: [ { name: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz@163.com/", refsource: "MISC", url: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz@163.com/", }, { name: "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", }, { name: "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "6.3", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2023-1990", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-416", }, ], }, ], }, references: { reference_data: [ { name: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz@163.com/", refsource: "MISC", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz@163.com/", }, { name: "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update", refsource: "MLIST", tags: [], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", }, { name: "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update", refsource: "MLIST", tags: [], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", }, ], }, }, impact: { baseMetricV3: { cvssV3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 3.6, }, }, lastModifiedDate: "2023-05-03T14:15Z", publishedDate: "2023-04-12T20:15Z", }, }, }
ICSA-24-046-11
Vulnerability from csaf_cisa
Published
2024-02-13 00:00
Modified
2024-02-13 00:00
Summary
Siemens SCALANCE XCM-/XRM-300
Notes
Summary
SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities.
Siemens has released an update for SCALANCE X-300 and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities.\n\nSiemens has released an update for SCALANCE X-300 and recommends to update to the latest version.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-806742.json", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-806742.html", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-806742.pdf", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-806742.txt", }, { category: "self", summary: "ICS Advisory ICSA-24-046-11 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-046-11.json", }, { category: "self", summary: "ICS Advisory ICSA-24-046-11 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SCALANCE XCM-/XRM-300", tracking: { current_release_date: "2024-02-13T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1", }, }, id: "ICSA-24-046-11", initial_release_date: "2024-02-13T00:00:00.000000Z", revision_history: [ { date: "2024-02-13T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCH328 (6GK5328-4TS01-2EC2)", product_id: "CSAFPID-0001", product_identification_helper: { model_numbers: [ "6GK5328-4TS01-2EC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCH328 (6GK5328-4TS01-2EC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM324 (6GK5324-8TS01-2AC2)", product_id: "CSAFPID-0002", product_identification_helper: { model_numbers: [ "6GK5324-8TS01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM324 (6GK5324-8TS01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM328 (6GK5328-4TS01-2AC2)", product_id: "CSAFPID-0003", product_identification_helper: { model_numbers: [ "6GK5328-4TS01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM328 (6GK5328-4TS01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM332 (6GK5332-0GA01-2AC2)", product_id: "CSAFPID-0004", product_identification_helper: { model_numbers: [ "6GK5332-0GA01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM332 (6GK5332-0GA01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)", product_id: "CSAFPID-0005", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-2ER3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)", product_id: "CSAFPID-0006", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-4AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)", product_id: "CSAFPID-0007", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-4AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)", product_id: "CSAFPID-0008", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-2AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)", product_id: "CSAFPID-0009", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-2AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)", product_id: "CSAFPID-0010", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-3AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)", product_id: "CSAFPID-0011", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-3AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2006-20001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2006-20001", }, { cve: "CVE-2020-10735", cwe: { id: "CWE-704", name: "Incorrect Type Conversion or Cast", }, notes: [ { category: "summary", text: "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2020-10735", }, { cve: "CVE-2021-3445", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system availability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-3445", }, { cve: "CVE-2021-3638", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-3638", }, { cve: "CVE-2021-4037", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-4037", }, { cve: "CVE-2021-36369", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-36369", }, { cve: "CVE-2021-43666", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-43666", }, { cve: "CVE-2021-45451", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-45451", }, { cve: "CVE-2022-1015", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-1015", }, { cve: "CVE-2022-1348", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-1348", }, { cve: "CVE-2022-2586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-2586", }, { cve: "CVE-2022-2880", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-2880", }, { cve: "CVE-2022-3294", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-3294", }, { cve: "CVE-2022-3437", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-3437", }, { cve: "CVE-2022-3515", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-3515", }, { cve: "CVE-2022-4415", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4415", }, { cve: "CVE-2022-4743", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4743", }, { cve: "CVE-2022-4744", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4744", }, { cve: "CVE-2022-4900", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4900", }, { cve: "CVE-2022-4904", cwe: { id: "CWE-1284", name: "Improper Validation of Specified Quantity in Input", }, notes: [ { category: "summary", text: "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4904", }, { cve: "CVE-2022-23471", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permissions to execute commands in running containers.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-23471", }, { cve: "CVE-2022-23521", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-23521", }, { cve: "CVE-2022-24834", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-24834", }, { cve: "CVE-2022-26691", cwe: { id: "CWE-697", name: "Incorrect Comparison", }, notes: [ { category: "summary", text: "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-26691", }, { cve: "CVE-2022-28737", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-28737", }, { cve: "CVE-2022-28738", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-28738", }, { cve: "CVE-2022-28739", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-28739", }, { cve: "CVE-2022-29154", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-29154", }, { cve: "CVE-2022-29162", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-29162", }, { cve: "CVE-2022-29187", cwe: { id: "CWE-282", name: "Improper Ownership Management", }, notes: [ { category: "summary", text: "Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-29187", }, { cve: "CVE-2022-29536", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-29536", }, { cve: "CVE-2022-32148", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-32148", }, { cve: "CVE-2022-34903", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-34903", }, { cve: "CVE-2022-34918", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-34918", }, { cve: "CVE-2022-36021", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-36021", }, { cve: "CVE-2022-36227", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: \"In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution.\"", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-36227", }, { cve: "CVE-2022-36760", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-36760", }, { cve: "CVE-2022-37436", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, notes: [ { category: "summary", text: "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-37436", }, { cve: "CVE-2022-37454", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-37454", }, { cve: "CVE-2022-37797", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-37797", }, { cve: "CVE-2022-38725", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-38725", }, { cve: "CVE-2022-39189", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-39189", }, { cve: "CVE-2022-39260", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-39260", }, { cve: "CVE-2022-41409", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41409", }, { cve: "CVE-2022-41556", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41556", }, { cve: "CVE-2022-41715", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41715", }, { cve: "CVE-2022-41717", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41717", }, { cve: "CVE-2022-41723", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41723", }, { cve: "CVE-2022-41860", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41860", }, { cve: "CVE-2022-41861", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41861", }, { cve: "CVE-2022-41862", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41862", }, { cve: "CVE-2022-41903", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41903", }, { cve: "CVE-2022-42919", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-42919", }, { cve: "CVE-2022-44370", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-44370", }, { cve: "CVE-2022-45061", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "summary", text: "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-45061", }, { cve: "CVE-2022-45142", cwe: { id: "CWE-354", name: "Improper Validation of Integrity Check Value", }, notes: [ { category: "summary", text: "The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding \"!= 0\" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-45142", }, { cve: "CVE-2022-45919", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-45919", }, { cve: "CVE-2022-46392", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-46392", }, { cve: "CVE-2022-46393", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-46393", }, { cve: "CVE-2022-47629", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-47629", }, { cve: "CVE-2022-48303", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-48303", }, { cve: "CVE-2022-48434", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-48434", }, { cve: "CVE-2023-0160", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0160", }, { cve: "CVE-2023-0330", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0330", }, { cve: "CVE-2023-0361", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0361", }, { cve: "CVE-2023-0494", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0494", }, { cve: "CVE-2023-0567", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0567", }, { cve: "CVE-2023-0568", cwe: { id: "CWE-131", name: "Incorrect Calculation of Buffer Size", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0568", }, { cve: "CVE-2023-0590", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-0662", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0662", }, { cve: "CVE-2023-1206", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-1380", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1380", }, { cve: "CVE-2023-1393", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1393", }, { cve: "CVE-2023-1611", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1838", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1838", }, { cve: "CVE-2023-1855", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1859", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1859", }, { cve: "CVE-2023-1989", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-2002", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2002", }, { cve: "CVE-2023-2124", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2194", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace \"data->block[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2194", }, { cve: "CVE-2023-2269", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2269", }, { cve: "CVE-2023-2861", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2861", }, { cve: "CVE-2023-2953", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2953", }, { cve: "CVE-2023-3006", cwe: { id: "CWE-212", name: "Improper Removal of Sensitive Information Before Storage or Transfer", }, notes: [ { category: "summary", text: "A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3006", }, { cve: "CVE-2023-3090", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\n\nThe out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.\n\n\nWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3090", }, { cve: "CVE-2023-3111", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3111", }, { cve: "CVE-2023-3141", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-3212", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3212", }, { cve: "CVE-2023-3247", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, notes: [ { category: "summary", text: "In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3247", }, { cve: "CVE-2023-3268", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3268", }, { cve: "CVE-2023-3301", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3301", }, { cve: "CVE-2023-3316", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3316", }, { cve: "CVE-2023-3390", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3390", }, { cve: "CVE-2023-3611", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3611", }, { cve: "CVE-2023-3776", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3776", }, { cve: "CVE-2023-3863", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3863", }, { cve: "CVE-2023-4128", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-4128", }, { cve: "CVE-2023-4194", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 (\"tun: tun_chr_open(): correctly initialize socket uid\"), - 66b2c338adce (\"tap: tap_open(): correctly initialize socket uid\"), pass \"inode->i_uid\" to sock_init_data_uid() as the last parameter and that turns out to not be accurate.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-4194", }, { cve: "CVE-2023-20593", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-20593", }, { cve: "CVE-2023-21255", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-21255", }, { cve: "CVE-2023-22490", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, notes: [ { category: "summary", text: "Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.\n\nA fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-22490", }, { cve: "CVE-2023-22742", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2's `git_remote_callbacks` structure - if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default - without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack. Users are encouraged to upgrade to v1.4.5 or v1.5.1. Users unable to upgrade should ensure that all relevant certificates are manually checked.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-22742", }, { cve: "CVE-2023-22745", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. This Buffer overrun, could result in arbitrary code execution. An example attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. Given the common use case of TPM modules an attacker must have local access to the target machine with local system privileges which allows access to the TPM system. Usually TPM access requires administrative privilege.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-22745", }, { cve: "CVE-2023-23454", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23931", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-23931", }, { cve: "CVE-2023-23934", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Werkzeug is a comprehensive WSGI web application library. Browsers may allow \"nameless\" cookies that look like `=value` instead of `key=value`. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like `=__Host-test=bad` for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie `=__Host-test=bad` as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-23934", }, { cve: "CVE-2023-23946", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-23946", }, { cve: "CVE-2023-24538", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. \"var a = {{.}}\"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-24538", }, { cve: "CVE-2023-25153", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25153", }, { cve: "CVE-2023-25155", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25155", }, { cve: "CVE-2023-25193", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger quadratic growth via consecutive marks during the process of looking back for base glyphs when attaching marks.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25193", }, { cve: "CVE-2023-25588", cwe: { id: "CWE-908", name: "Use of Uninitialized Resource", }, notes: [ { category: "summary", text: "A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25588", }, { cve: "CVE-2023-25690", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\r\n\r\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. \r\n\r\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25690", }, { cve: "CVE-2023-25727", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25727", }, { cve: "CVE-2023-26081", cwe: { id: "CWE-668", name: "Exposure of Resource to Wrong Sphere", }, notes: [ { category: "summary", text: "In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-26081", }, { cve: "CVE-2023-26965", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-26965", }, { cve: "CVE-2023-27522", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-27522", }, { cve: "CVE-2023-27534", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-27534", }, { cve: "CVE-2023-27535", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-27535", }, { cve: "CVE-2023-27536", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-27536", }, { cve: "CVE-2023-28450", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-28450", }, { cve: "CVE-2023-28466", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-28466", }, { cve: "CVE-2023-28486", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "summary", text: "Sudo before 1.9.13 does not escape control characters in log messages.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-28486", }, { cve: "CVE-2023-28487", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "summary", text: "Sudo before 1.9.13 does not escape control characters in sudoreplay output.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-28487", }, { cve: "CVE-2023-29402", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via \"go get\", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29402", }, { cve: "CVE-2023-29404", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29404", }, { cve: "CVE-2023-29405", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29405", }, { cve: "CVE-2023-29406", cwe: { id: "CWE-436", name: "Interpretation Conflict", }, notes: [ { category: "summary", text: "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29406", }, { cve: "CVE-2023-29409", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29409", }, { cve: "CVE-2023-30086", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-30086", }, { cve: "CVE-2023-30456", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-30456", }, { cve: "CVE-2023-30772", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-30772", }, { cve: "CVE-2023-31084", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31084", }, { cve: "CVE-2023-31124", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31124", }, { cve: "CVE-2023-31130", cwe: { id: "CWE-124", name: "Buffer Underwrite ('Buffer Underflow')", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular \"0::00:00:00/2\" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31130", }, { cve: "CVE-2023-31147", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31147", }, { cve: "CVE-2023-31436", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-31489", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31489", }, { cve: "CVE-2023-32067", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-32067", }, { cve: "CVE-2023-32233", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-32233", }, { cve: "CVE-2023-32573", cwe: { id: "CWE-369", name: "Divide By Zero", }, notes: [ { category: "summary", text: "In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-32573", }, { cve: "CVE-2023-33203", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-33203", }, { cve: "CVE-2023-34256", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "** DISPUTED ** An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated \"When modifying the block device while it is mounted by the filesystem\" access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-34256", }, { cve: "CVE-2023-34872", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-34872", }, { cve: "CVE-2023-34969", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-34969", }, { cve: "CVE-2023-35001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35001", }, { cve: "CVE-2023-35788", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35788", }, { cve: "CVE-2023-35789", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35789", }, { cve: "CVE-2023-35823", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35823", }, { cve: "CVE-2023-35824", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35824", }, { cve: "CVE-2023-35828", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35828", }, { cve: "CVE-2023-36054", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "summary", text: "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-36054", }, { cve: "CVE-2023-36617", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "summary", text: "A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-36617", }, { cve: "CVE-2023-36664", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-36664", }, { cve: "CVE-2023-37920", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "summary", text: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes \"e-Tugra\" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from \"e-Tugra\" from the root store.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-37920", }, { cve: "CVE-2023-38559", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-38559", }, { cve: "CVE-2023-40283", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-40283", }, ], }
icsa-24-046-11
Vulnerability from csaf_cisa
Published
2024-02-13 00:00
Modified
2024-02-13 00:00
Summary
Siemens SCALANCE XCM-/XRM-300
Notes
Summary
SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities.
Siemens has released an update for SCALANCE X-300 and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities.\n\nSiemens has released an update for SCALANCE X-300 and recommends to update to the latest version.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-806742.json", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-806742.html", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-806742.pdf", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-806742.txt", }, { category: "self", summary: "ICS Advisory ICSA-24-046-11 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-046-11.json", }, { category: "self", summary: "ICS Advisory ICSA-24-046-11 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SCALANCE XCM-/XRM-300", tracking: { current_release_date: "2024-02-13T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1", }, }, id: "ICSA-24-046-11", initial_release_date: "2024-02-13T00:00:00.000000Z", revision_history: [ { date: "2024-02-13T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCH328 (6GK5328-4TS01-2EC2)", product_id: "CSAFPID-0001", product_identification_helper: { model_numbers: [ "6GK5328-4TS01-2EC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCH328 (6GK5328-4TS01-2EC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM324 (6GK5324-8TS01-2AC2)", product_id: "CSAFPID-0002", product_identification_helper: { model_numbers: [ "6GK5324-8TS01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM324 (6GK5324-8TS01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM328 (6GK5328-4TS01-2AC2)", product_id: "CSAFPID-0003", product_identification_helper: { model_numbers: [ "6GK5328-4TS01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM328 (6GK5328-4TS01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM332 (6GK5332-0GA01-2AC2)", product_id: "CSAFPID-0004", product_identification_helper: { model_numbers: [ "6GK5332-0GA01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM332 (6GK5332-0GA01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)", product_id: "CSAFPID-0005", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-2ER3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)", product_id: "CSAFPID-0006", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-4AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)", product_id: "CSAFPID-0007", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-4AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)", product_id: "CSAFPID-0008", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-2AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)", product_id: "CSAFPID-0009", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-2AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)", product_id: "CSAFPID-0010", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-3AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)", product_id: "CSAFPID-0011", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-3AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2006-20001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2006-20001", }, { cve: "CVE-2020-10735", cwe: { id: "CWE-704", name: "Incorrect Type Conversion or Cast", }, notes: [ { category: "summary", text: "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2020-10735", }, { cve: "CVE-2021-3445", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system availability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-3445", }, { cve: "CVE-2021-3638", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-3638", }, { cve: "CVE-2021-4037", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-4037", }, { cve: "CVE-2021-36369", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-36369", }, { cve: "CVE-2021-43666", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-43666", }, { cve: "CVE-2021-45451", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2021-45451", }, { cve: "CVE-2022-1015", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-1015", }, { cve: "CVE-2022-1348", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-1348", }, { cve: "CVE-2022-2586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-2586", }, { cve: "CVE-2022-2880", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-2880", }, { cve: "CVE-2022-3294", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-3294", }, { cve: "CVE-2022-3437", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-3437", }, { cve: "CVE-2022-3515", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-3515", }, { cve: "CVE-2022-4415", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4415", }, { cve: "CVE-2022-4743", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4743", }, { cve: "CVE-2022-4744", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4744", }, { cve: "CVE-2022-4900", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4900", }, { cve: "CVE-2022-4904", cwe: { id: "CWE-1284", name: "Improper Validation of Specified Quantity in Input", }, notes: [ { category: "summary", text: "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-4904", }, { cve: "CVE-2022-23471", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permissions to execute commands in running containers.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-23471", }, { cve: "CVE-2022-23521", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-23521", }, { cve: "CVE-2022-24834", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-24834", }, { cve: "CVE-2022-26691", cwe: { id: "CWE-697", name: "Incorrect Comparison", }, notes: [ { category: "summary", text: "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-26691", }, { cve: "CVE-2022-28737", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-28737", }, { cve: "CVE-2022-28738", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-28738", }, { cve: "CVE-2022-28739", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-28739", }, { cve: "CVE-2022-29154", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-29154", }, { cve: "CVE-2022-29162", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-29162", }, { cve: "CVE-2022-29187", cwe: { id: "CWE-282", name: "Improper Ownership Management", }, notes: [ { category: "summary", text: "Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-29187", }, { cve: "CVE-2022-29536", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-29536", }, { cve: "CVE-2022-32148", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-32148", }, { cve: "CVE-2022-34903", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-34903", }, { cve: "CVE-2022-34918", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-34918", }, { cve: "CVE-2022-36021", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-36021", }, { cve: "CVE-2022-36227", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: \"In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution.\"", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-36227", }, { cve: "CVE-2022-36760", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-36760", }, { cve: "CVE-2022-37436", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, notes: [ { category: "summary", text: "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-37436", }, { cve: "CVE-2022-37454", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-37454", }, { cve: "CVE-2022-37797", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-37797", }, { cve: "CVE-2022-38725", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-38725", }, { cve: "CVE-2022-39189", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-39189", }, { cve: "CVE-2022-39260", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-39260", }, { cve: "CVE-2022-41409", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41409", }, { cve: "CVE-2022-41556", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41556", }, { cve: "CVE-2022-41715", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41715", }, { cve: "CVE-2022-41717", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41717", }, { cve: "CVE-2022-41723", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41723", }, { cve: "CVE-2022-41860", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41860", }, { cve: "CVE-2022-41861", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41861", }, { cve: "CVE-2022-41862", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41862", }, { cve: "CVE-2022-41903", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-41903", }, { cve: "CVE-2022-42919", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-42919", }, { cve: "CVE-2022-44370", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-44370", }, { cve: "CVE-2022-45061", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "summary", text: "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-45061", }, { cve: "CVE-2022-45142", cwe: { id: "CWE-354", name: "Improper Validation of Integrity Check Value", }, notes: [ { category: "summary", text: "The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding \"!= 0\" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-45142", }, { cve: "CVE-2022-45919", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-45919", }, { cve: "CVE-2022-46392", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-46392", }, { cve: "CVE-2022-46393", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-46393", }, { cve: "CVE-2022-47629", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-47629", }, { cve: "CVE-2022-48303", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-48303", }, { cve: "CVE-2022-48434", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2022-48434", }, { cve: "CVE-2023-0160", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0160", }, { cve: "CVE-2023-0330", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0330", }, { cve: "CVE-2023-0361", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0361", }, { cve: "CVE-2023-0494", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0494", }, { cve: "CVE-2023-0567", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0567", }, { cve: "CVE-2023-0568", cwe: { id: "CWE-131", name: "Incorrect Calculation of Buffer Size", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0568", }, { cve: "CVE-2023-0590", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-0662", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-0662", }, { cve: "CVE-2023-1206", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-1380", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1380", }, { cve: "CVE-2023-1393", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1393", }, { cve: "CVE-2023-1611", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1838", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1838", }, { cve: "CVE-2023-1855", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1859", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1859", }, { cve: "CVE-2023-1989", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-2002", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2002", }, { cve: "CVE-2023-2124", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2194", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace \"data->block[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2194", }, { cve: "CVE-2023-2269", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2269", }, { cve: "CVE-2023-2861", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2861", }, { cve: "CVE-2023-2953", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-2953", }, { cve: "CVE-2023-3006", cwe: { id: "CWE-212", name: "Improper Removal of Sensitive Information Before Storage or Transfer", }, notes: [ { category: "summary", text: "A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3006", }, { cve: "CVE-2023-3090", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\n\nThe out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.\n\n\nWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3090", }, { cve: "CVE-2023-3111", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3111", }, { cve: "CVE-2023-3141", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-3212", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3212", }, { cve: "CVE-2023-3247", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, notes: [ { category: "summary", text: "In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3247", }, { cve: "CVE-2023-3268", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3268", }, { cve: "CVE-2023-3301", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3301", }, { cve: "CVE-2023-3316", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3316", }, { cve: "CVE-2023-3390", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3390", }, { cve: "CVE-2023-3611", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3611", }, { cve: "CVE-2023-3776", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3776", }, { cve: "CVE-2023-3863", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-3863", }, { cve: "CVE-2023-4128", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-4128", }, { cve: "CVE-2023-4194", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 (\"tun: tun_chr_open(): correctly initialize socket uid\"), - 66b2c338adce (\"tap: tap_open(): correctly initialize socket uid\"), pass \"inode->i_uid\" to sock_init_data_uid() as the last parameter and that turns out to not be accurate.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-4194", }, { cve: "CVE-2023-20593", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-20593", }, { cve: "CVE-2023-21255", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-21255", }, { cve: "CVE-2023-22490", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, notes: [ { category: "summary", text: "Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.\n\nA fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-22490", }, { cve: "CVE-2023-22742", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2's `git_remote_callbacks` structure - if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default - without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack. Users are encouraged to upgrade to v1.4.5 or v1.5.1. Users unable to upgrade should ensure that all relevant certificates are manually checked.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-22742", }, { cve: "CVE-2023-22745", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. This Buffer overrun, could result in arbitrary code execution. An example attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. Given the common use case of TPM modules an attacker must have local access to the target machine with local system privileges which allows access to the TPM system. Usually TPM access requires administrative privilege.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-22745", }, { cve: "CVE-2023-23454", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23931", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-23931", }, { cve: "CVE-2023-23934", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Werkzeug is a comprehensive WSGI web application library. Browsers may allow \"nameless\" cookies that look like `=value` instead of `key=value`. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like `=__Host-test=bad` for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie `=__Host-test=bad` as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-23934", }, { cve: "CVE-2023-23946", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-23946", }, { cve: "CVE-2023-24538", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. \"var a = {{.}}\"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-24538", }, { cve: "CVE-2023-25153", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25153", }, { cve: "CVE-2023-25155", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25155", }, { cve: "CVE-2023-25193", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger quadratic growth via consecutive marks during the process of looking back for base glyphs when attaching marks.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25193", }, { cve: "CVE-2023-25588", cwe: { id: "CWE-908", name: "Use of Uninitialized Resource", }, notes: [ { category: "summary", text: "A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25588", }, { cve: "CVE-2023-25690", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\r\n\r\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. \r\n\r\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25690", }, { cve: "CVE-2023-25727", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-25727", }, { cve: "CVE-2023-26081", cwe: { id: "CWE-668", name: "Exposure of Resource to Wrong Sphere", }, notes: [ { category: "summary", text: "In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-26081", }, { cve: "CVE-2023-26965", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-26965", }, { cve: "CVE-2023-27522", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-27522", }, { cve: "CVE-2023-27534", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-27534", }, { cve: "CVE-2023-27535", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-27535", }, { cve: "CVE-2023-27536", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-27536", }, { cve: "CVE-2023-28450", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-28450", }, { cve: "CVE-2023-28466", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-28466", }, { cve: "CVE-2023-28486", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "summary", text: "Sudo before 1.9.13 does not escape control characters in log messages.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-28486", }, { cve: "CVE-2023-28487", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "summary", text: "Sudo before 1.9.13 does not escape control characters in sudoreplay output.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-28487", }, { cve: "CVE-2023-29402", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via \"go get\", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29402", }, { cve: "CVE-2023-29404", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29404", }, { cve: "CVE-2023-29405", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29405", }, { cve: "CVE-2023-29406", cwe: { id: "CWE-436", name: "Interpretation Conflict", }, notes: [ { category: "summary", text: "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29406", }, { cve: "CVE-2023-29409", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-29409", }, { cve: "CVE-2023-30086", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-30086", }, { cve: "CVE-2023-30456", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-30456", }, { cve: "CVE-2023-30772", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-30772", }, { cve: "CVE-2023-31084", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31084", }, { cve: "CVE-2023-31124", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31124", }, { cve: "CVE-2023-31130", cwe: { id: "CWE-124", name: "Buffer Underwrite ('Buffer Underflow')", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular \"0::00:00:00/2\" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31130", }, { cve: "CVE-2023-31147", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31147", }, { cve: "CVE-2023-31436", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-31489", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-31489", }, { cve: "CVE-2023-32067", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-32067", }, { cve: "CVE-2023-32233", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-32233", }, { cve: "CVE-2023-32573", cwe: { id: "CWE-369", name: "Divide By Zero", }, notes: [ { category: "summary", text: "In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-32573", }, { cve: "CVE-2023-33203", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-33203", }, { cve: "CVE-2023-34256", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "** DISPUTED ** An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated \"When modifying the block device while it is mounted by the filesystem\" access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-34256", }, { cve: "CVE-2023-34872", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-34872", }, { cve: "CVE-2023-34969", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-34969", }, { cve: "CVE-2023-35001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35001", }, { cve: "CVE-2023-35788", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35788", }, { cve: "CVE-2023-35789", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35789", }, { cve: "CVE-2023-35823", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35823", }, { cve: "CVE-2023-35824", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35824", }, { cve: "CVE-2023-35828", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-35828", }, { cve: "CVE-2023-36054", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "summary", text: "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-36054", }, { cve: "CVE-2023-36617", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "summary", text: "A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-36617", }, { cve: "CVE-2023-36664", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-36664", }, { cve: "CVE-2023-37920", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "summary", text: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes \"e-Tugra\" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from \"e-Tugra\" from the root store.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-37920", }, { cve: "CVE-2023-38559", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-38559", }, { cve: "CVE-2023-40283", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "CSAFPID-0004", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0009", "CSAFPID-0008", "CSAFPID-0007", "CSAFPID-0006", ], }, ], title: "CVE-2023-40283", }, ], }
ssa-806742
Vulnerability from csaf_siemens
Published
2024-02-13 00:00
Modified
2024-02-13 00:00
Summary
SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4
Notes
Summary
SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities.
Siemens has released an update for SCALANCE X-300 and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)", tlp: { label: "WHITE", }, }, lang: "en", notes: [ { category: "summary", text: "SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities.\n\nSiemens has released an update for SCALANCE X-300 and recommends to update to the latest version.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "productcert@siemens.com", name: "Siemens ProductCERT", namespace: "https://www.siemens.com", }, references: [ { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-806742.html", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-806742.json", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-806742.pdf", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-806742.txt", }, ], title: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4", tracking: { current_release_date: "2024-02-13T00:00:00Z", generator: { engine: { name: "Siemens ProductCERT CSAF Generator", version: "1", }, }, id: "SSA-806742", initial_release_date: "2024-02-13T00:00:00Z", revision_history: [ { date: "2024-02-13T00:00:00Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "interim", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCH328 (6GK5328-4TS01-2EC2)", product_id: "1", product_identification_helper: { model_numbers: [ "6GK5328-4TS01-2EC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCH328 (6GK5328-4TS01-2EC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM324 (6GK5324-8TS01-2AC2)", product_id: "2", product_identification_helper: { model_numbers: [ "6GK5324-8TS01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM324 (6GK5324-8TS01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM328 (6GK5328-4TS01-2AC2)", product_id: "3", product_identification_helper: { model_numbers: [ "6GK5328-4TS01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM328 (6GK5328-4TS01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM332 (6GK5332-0GA01-2AC2)", product_id: "4", product_identification_helper: { model_numbers: [ "6GK5332-0GA01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM332 (6GK5332-0GA01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)", product_id: "5", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-2ER3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)", product_id: "6", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-4AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)", product_id: "7", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-4AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)", product_id: "8", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-2AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)", product_id: "9", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-2AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)", product_id: "10", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-3AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)", product_id: "11", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-3AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2006-20001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2006-20001", }, { cve: "CVE-2020-10735", cwe: { id: "CWE-704", name: "Incorrect Type Conversion or Cast", }, notes: [ { category: "summary", text: "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2020-10735", }, { cve: "CVE-2021-3445", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system availability.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-3445", }, { cve: "CVE-2021-3638", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-3638", }, { cve: "CVE-2021-4037", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-4037", }, { cve: "CVE-2021-36369", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-36369", }, { cve: "CVE-2021-43666", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-43666", }, { cve: "CVE-2021-45451", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-45451", }, { cve: "CVE-2022-1015", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-1015", }, { cve: "CVE-2022-1348", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-1348", }, { cve: "CVE-2022-2586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-2586", }, { cve: "CVE-2022-2880", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-2880", }, { cve: "CVE-2022-3294", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-3294", }, { cve: "CVE-2022-3437", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-3437", }, { cve: "CVE-2022-3515", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-3515", }, { cve: "CVE-2022-4415", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4415", }, { cve: "CVE-2022-4743", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4743", }, { cve: "CVE-2022-4744", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4744", }, { cve: "CVE-2022-4900", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4900", }, { cve: "CVE-2022-4904", cwe: { id: "CWE-1284", name: "Improper Validation of Specified Quantity in Input", }, notes: [ { category: "summary", text: "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4904", }, { cve: "CVE-2022-23471", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permissions to execute commands in running containers.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-23471", }, { cve: "CVE-2022-23521", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-23521", }, { cve: "CVE-2022-24834", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-24834", }, { cve: "CVE-2022-26691", cwe: { id: "CWE-697", name: "Incorrect Comparison", }, notes: [ { category: "summary", text: "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-26691", }, { cve: "CVE-2022-28737", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-28737", }, { cve: "CVE-2022-28738", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-28738", }, { cve: "CVE-2022-28739", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-28739", }, { cve: "CVE-2022-29154", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-29154", }, { cve: "CVE-2022-29162", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-29162", }, { cve: "CVE-2022-29187", cwe: { id: "CWE-282", name: "Improper Ownership Management", }, notes: [ { category: "summary", text: "Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-29187", }, { cve: "CVE-2022-29536", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-29536", }, { cve: "CVE-2022-32148", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-32148", }, { cve: "CVE-2022-34903", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-34903", }, { cve: "CVE-2022-34918", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-34918", }, { cve: "CVE-2022-36021", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-36021", }, { cve: "CVE-2022-36227", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: \"In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution.\"", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-36227", }, { cve: "CVE-2022-36760", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-36760", }, { cve: "CVE-2022-37436", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, notes: [ { category: "summary", text: "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-37436", }, { cve: "CVE-2022-37454", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-37454", }, { cve: "CVE-2022-37797", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-37797", }, { cve: "CVE-2022-38725", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-38725", }, { cve: "CVE-2022-39189", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-39189", }, { cve: "CVE-2022-39260", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-39260", }, { cve: "CVE-2022-41409", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41409", }, { cve: "CVE-2022-41556", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41556", }, { cve: "CVE-2022-41715", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41715", }, { cve: "CVE-2022-41717", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41717", }, { cve: "CVE-2022-41723", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41723", }, { cve: "CVE-2022-41860", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41860", }, { cve: "CVE-2022-41861", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41861", }, { cve: "CVE-2022-41862", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41862", }, { cve: "CVE-2022-41903", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41903", }, { cve: "CVE-2022-42919", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-42919", }, { cve: "CVE-2022-44370", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-44370", }, { cve: "CVE-2022-45061", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "summary", text: "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-45061", }, { cve: "CVE-2022-45142", cwe: { id: "CWE-354", name: "Improper Validation of Integrity Check Value", }, notes: [ { category: "summary", text: "The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding \"!= 0\" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-45142", }, { cve: "CVE-2022-45919", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-45919", }, { cve: "CVE-2022-46392", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-46392", }, { cve: "CVE-2022-46393", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-46393", }, { cve: "CVE-2022-47629", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-47629", }, { cve: "CVE-2022-48303", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-48303", }, { cve: "CVE-2022-48434", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-48434", }, { cve: "CVE-2023-0160", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0160", }, { cve: "CVE-2023-0330", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0330", }, { cve: "CVE-2023-0361", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0361", }, { cve: "CVE-2023-0494", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0494", }, { cve: "CVE-2023-0567", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0567", }, { cve: "CVE-2023-0568", cwe: { id: "CWE-131", name: "Incorrect Calculation of Buffer Size", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0568", }, { cve: "CVE-2023-0590", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-0662", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0662", }, { cve: "CVE-2023-1206", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-1380", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1380", }, { cve: "CVE-2023-1393", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1393", }, { cve: "CVE-2023-1611", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1838", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1838", }, { cve: "CVE-2023-1855", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1859", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1859", }, { cve: "CVE-2023-1989", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-2002", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2002", }, { cve: "CVE-2023-2124", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2194", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace \"data->block[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2194", }, { cve: "CVE-2023-2269", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2269", }, { cve: "CVE-2023-2861", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2861", }, { cve: "CVE-2023-2953", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2953", }, { cve: "CVE-2023-3006", cwe: { id: "CWE-212", name: "Improper Removal of Sensitive Information Before Storage or Transfer", }, notes: [ { category: "summary", text: "A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3006", }, { cve: "CVE-2023-3090", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\n\nThe out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.\n\n\nWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3090", }, { cve: "CVE-2023-3111", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3111", }, { cve: "CVE-2023-3141", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-3212", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3212", }, { cve: "CVE-2023-3247", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, notes: [ { category: "summary", text: "In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3247", }, { cve: "CVE-2023-3268", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3268", }, { cve: "CVE-2023-3301", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3301", }, { cve: "CVE-2023-3316", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3316", }, { cve: "CVE-2023-3390", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3390", }, { cve: "CVE-2023-3611", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3611", }, { cve: "CVE-2023-3776", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3776", }, { cve: "CVE-2023-3863", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3863", }, { cve: "CVE-2023-4128", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-4128", }, { cve: "CVE-2023-4194", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 (\"tun: tun_chr_open(): correctly initialize socket uid\"), - 66b2c338adce (\"tap: tap_open(): correctly initialize socket uid\"), pass \"inode->i_uid\" to sock_init_data_uid() as the last parameter and that turns out to not be accurate.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-4194", }, { cve: "CVE-2023-20593", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-20593", }, { cve: "CVE-2023-21255", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-21255", }, { cve: "CVE-2023-22490", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, notes: [ { category: "summary", text: "Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.\n\nA fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-22490", }, { cve: "CVE-2023-22742", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2's `git_remote_callbacks` structure - if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default - without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack. Users are encouraged to upgrade to v1.4.5 or v1.5.1. Users unable to upgrade should ensure that all relevant certificates are manually checked.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-22742", }, { cve: "CVE-2023-22745", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. This Buffer overrun, could result in arbitrary code execution. An example attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. Given the common use case of TPM modules an attacker must have local access to the target machine with local system privileges which allows access to the TPM system. Usually TPM access requires administrative privilege.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-22745", }, { cve: "CVE-2023-23454", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23931", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-23931", }, { cve: "CVE-2023-23934", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Werkzeug is a comprehensive WSGI web application library. Browsers may allow \"nameless\" cookies that look like `=value` instead of `key=value`. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like `=__Host-test=bad` for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie `=__Host-test=bad` as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-23934", }, { cve: "CVE-2023-23946", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-23946", }, { cve: "CVE-2023-24538", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. \"var a = {{.}}\"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-24538", }, { cve: "CVE-2023-25153", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25153", }, { cve: "CVE-2023-25155", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25155", }, { cve: "CVE-2023-25193", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger quadratic growth via consecutive marks during the process of looking back for base glyphs when attaching marks.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25193", }, { cve: "CVE-2023-25588", cwe: { id: "CWE-908", name: "Use of Uninitialized Resource", }, notes: [ { category: "summary", text: "A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25588", }, { cve: "CVE-2023-25690", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\r\n\r\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. \r\n\r\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25690", }, { cve: "CVE-2023-25727", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25727", }, { cve: "CVE-2023-26081", cwe: { id: "CWE-668", name: "Exposure of Resource to Wrong Sphere", }, notes: [ { category: "summary", text: "In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-26081", }, { cve: "CVE-2023-26965", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-26965", }, { cve: "CVE-2023-27522", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-27522", }, { cve: "CVE-2023-27534", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-27534", }, { cve: "CVE-2023-27535", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-27535", }, { cve: "CVE-2023-27536", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-27536", }, { cve: "CVE-2023-28450", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-28450", }, { cve: "CVE-2023-28466", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-28466", }, { cve: "CVE-2023-28486", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "summary", text: "Sudo before 1.9.13 does not escape control characters in log messages.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-28486", }, { cve: "CVE-2023-28487", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "summary", text: "Sudo before 1.9.13 does not escape control characters in sudoreplay output.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-28487", }, { cve: "CVE-2023-29402", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via \"go get\", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29402", }, { cve: "CVE-2023-29404", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29404", }, { cve: "CVE-2023-29405", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29405", }, { cve: "CVE-2023-29406", cwe: { id: "CWE-436", name: "Interpretation Conflict", }, notes: [ { category: "summary", text: "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29406", }, { cve: "CVE-2023-29409", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29409", }, { cve: "CVE-2023-30086", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-30086", }, { cve: "CVE-2023-30456", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-30456", }, { cve: "CVE-2023-30772", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-30772", }, { cve: "CVE-2023-31084", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31084", }, { cve: "CVE-2023-31124", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31124", }, { cve: "CVE-2023-31130", cwe: { id: "CWE-124", name: "Buffer Underwrite ('Buffer Underflow')", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular \"0::00:00:00/2\" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31130", }, { cve: "CVE-2023-31147", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31147", }, { cve: "CVE-2023-31436", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-31489", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31489", }, { cve: "CVE-2023-32067", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-32067", }, { cve: "CVE-2023-32233", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-32233", }, { cve: "CVE-2023-32573", cwe: { id: "CWE-369", name: "Divide By Zero", }, notes: [ { category: "summary", text: "In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-32573", }, { cve: "CVE-2023-33203", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-33203", }, { cve: "CVE-2023-34256", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "** DISPUTED ** An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated \"When modifying the block device while it is mounted by the filesystem\" access.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-34256", }, { cve: "CVE-2023-34872", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-34872", }, { cve: "CVE-2023-34969", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-34969", }, { cve: "CVE-2023-35001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35001", }, { cve: "CVE-2023-35788", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35788", }, { cve: "CVE-2023-35789", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35789", }, { cve: "CVE-2023-35823", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35823", }, { cve: "CVE-2023-35824", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35824", }, { cve: "CVE-2023-35828", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35828", }, { cve: "CVE-2023-36054", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "summary", text: "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-36054", }, { cve: "CVE-2023-36617", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "summary", text: "A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-36617", }, { cve: "CVE-2023-36664", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-36664", }, { cve: "CVE-2023-37920", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "summary", text: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes \"e-Tugra\" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from \"e-Tugra\" from the root store.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-37920", }, { cve: "CVE-2023-38559", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-38559", }, { cve: "CVE-2023-40283", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-40283", }, ], }
SSA-806742
Vulnerability from csaf_siemens
Published
2024-02-13 00:00
Modified
2024-02-13 00:00
Summary
SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4
Notes
Summary
SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities.
Siemens has released an update for SCALANCE X-300 and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)", tlp: { label: "WHITE", }, }, lang: "en", notes: [ { category: "summary", text: "SCALANCE XCM-/XRM-300 before V2.4 is affected by multiple vulnerabilities.\n\nSiemens has released an update for SCALANCE X-300 and recommends to update to the latest version.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "productcert@siemens.com", name: "Siemens ProductCERT", namespace: "https://www.siemens.com", }, references: [ { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-806742.html", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-806742.json", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-806742.pdf", }, { category: "self", summary: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-806742.txt", }, ], title: "SSA-806742: Multiple Vulnerabilities in SCALANCE XCM-/XRM-300 before V2.4", tracking: { current_release_date: "2024-02-13T00:00:00Z", generator: { engine: { name: "Siemens ProductCERT CSAF Generator", version: "1", }, }, id: "SSA-806742", initial_release_date: "2024-02-13T00:00:00Z", revision_history: [ { date: "2024-02-13T00:00:00Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "interim", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCH328 (6GK5328-4TS01-2EC2)", product_id: "1", product_identification_helper: { model_numbers: [ "6GK5328-4TS01-2EC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCH328 (6GK5328-4TS01-2EC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM324 (6GK5324-8TS01-2AC2)", product_id: "2", product_identification_helper: { model_numbers: [ "6GK5324-8TS01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM324 (6GK5324-8TS01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM328 (6GK5328-4TS01-2AC2)", product_id: "3", product_identification_helper: { model_numbers: [ "6GK5328-4TS01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM328 (6GK5328-4TS01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XCM332 (6GK5332-0GA01-2AC2)", product_id: "4", product_identification_helper: { model_numbers: [ "6GK5332-0GA01-2AC2", ], }, }, }, ], category: "product_name", name: "SCALANCE XCM332 (6GK5332-0GA01-2AC2)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)", product_id: "5", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-2ER3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)", product_id: "6", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-4AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)", product_id: "7", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-4AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)", product_id: "8", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-2AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)", product_id: "9", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-2AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)", product_id: "10", product_identification_helper: { model_numbers: [ "6GK5334-2TS01-3AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)", }, { branches: [ { category: "product_version_range", name: "<V2.4", product: { name: "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)", product_id: "11", product_identification_helper: { model_numbers: [ "6GK5334-3TS01-3AR3", ], }, }, }, ], category: "product_name", name: "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2006-20001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2006-20001", }, { cve: "CVE-2020-10735", cwe: { id: "CWE-704", name: "Incorrect Type Conversion or Cast", }, notes: [ { category: "summary", text: "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2020-10735", }, { cve: "CVE-2021-3445", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system availability.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-3445", }, { cve: "CVE-2021-3638", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-3638", }, { cve: "CVE-2021-4037", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-4037", }, { cve: "CVE-2021-36369", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-36369", }, { cve: "CVE-2021-43666", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-43666", }, { cve: "CVE-2021-45451", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, notes: [ { category: "summary", text: "In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2021-45451", }, { cve: "CVE-2022-1015", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-1015", }, { cve: "CVE-2022-1348", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-1348", }, { cve: "CVE-2022-2586", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-2586", }, { cve: "CVE-2022-2880", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-2880", }, { cve: "CVE-2022-3294", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-3294", }, { cve: "CVE-2022-3437", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-3437", }, { cve: "CVE-2022-3515", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-3515", }, { cve: "CVE-2022-4415", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4415", }, { cve: "CVE-2022-4743", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4743", }, { cve: "CVE-2022-4744", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4744", }, { cve: "CVE-2022-4900", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4900", }, { cve: "CVE-2022-4904", cwe: { id: "CWE-1284", name: "Improper Validation of Specified Quantity in Input", }, notes: [ { category: "summary", text: "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-4904", }, { cve: "CVE-2022-23471", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO. This bug has been fixed in containerd 1.6.12 and 1.5.16. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used and that only trusted users have permissions to execute commands in running containers.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-23471", }, { cve: "CVE-2022-23521", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-23521", }, { cve: "CVE-2022-24834", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-24834", }, { cve: "CVE-2022-26691", cwe: { id: "CWE-697", name: "Incorrect Comparison", }, notes: [ { category: "summary", text: "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-26691", }, { cve: "CVE-2022-28737", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-28737", }, { cve: "CVE-2022-28738", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-28738", }, { cve: "CVE-2022-28739", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-28739", }, { cve: "CVE-2022-29154", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-29154", }, { cve: "CVE-2022-29162", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-29162", }, { cve: "CVE-2022-29187", cwe: { id: "CWE-282", name: "Improper Ownership Management", }, notes: [ { category: "summary", text: "Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-29187", }, { cve: "CVE-2022-29536", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-29536", }, { cve: "CVE-2022-32148", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-32148", }, { cve: "CVE-2022-34903", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-34903", }, { cve: "CVE-2022-34918", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-34918", }, { cve: "CVE-2022-36021", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU time. The problem is fixed in Redis versions 6.0.18, 6.2.11, 7.0.9.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-36021", }, { cve: "CVE-2022-36227", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: \"In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution.\"", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-36227", }, { cve: "CVE-2022-36760", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-36760", }, { cve: "CVE-2022-37436", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, notes: [ { category: "summary", text: "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-37436", }, { cve: "CVE-2022-37454", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-37454", }, { cve: "CVE-2022-37797", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-37797", }, { cve: "CVE-2022-38725", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-38725", }, { cve: "CVE-2022-39189", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-39189", }, { cve: "CVE-2022-39260", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-39260", }, { cve: "CVE-2022-41409", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41409", }, { cve: "CVE-2022-41556", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "summary", text: "A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41556", }, { cve: "CVE-2022-41715", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41715", }, { cve: "CVE-2022-41717", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41717", }, { cve: "CVE-2022-41723", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41723", }, { cve: "CVE-2022-41860", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41860", }, { cve: "CVE-2022-41861", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41861", }, { cve: "CVE-2022-41862", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41862", }, { cve: "CVE-2022-41903", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-41903", }, { cve: "CVE-2022-42919", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-42919", }, { cve: "CVE-2022-44370", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-44370", }, { cve: "CVE-2022-45061", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "summary", text: "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-45061", }, { cve: "CVE-2022-45142", cwe: { id: "CWE-354", name: "Improper Validation of Integrity Check Value", }, notes: [ { category: "summary", text: "The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding \"!= 0\" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-45142", }, { cve: "CVE-2022-45919", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-45919", }, { cve: "CVE-2022-46392", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-46392", }, { cve: "CVE-2022-46393", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-46393", }, { cve: "CVE-2022-47629", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-47629", }, { cve: "CVE-2022-48303", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-48303", }, { cve: "CVE-2022-48434", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2022-48434", }, { cve: "CVE-2023-0160", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0160", }, { cve: "CVE-2023-0330", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0330", }, { cve: "CVE-2023-0361", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0361", }, { cve: "CVE-2023-0494", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0494", }, { cve: "CVE-2023-0567", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0567", }, { cve: "CVE-2023-0568", cwe: { id: "CWE-131", name: "Incorrect Calculation of Buffer Size", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0568", }, { cve: "CVE-2023-0590", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-0662", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-0662", }, { cve: "CVE-2023-1206", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-1380", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1380", }, { cve: "CVE-2023-1393", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1393", }, { cve: "CVE-2023-1611", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1838", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1838", }, { cve: "CVE-2023-1855", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1855", }, { cve: "CVE-2023-1859", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1859", }, { cve: "CVE-2023-1989", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-2002", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2002", }, { cve: "CVE-2023-2124", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2194", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace \"data->block[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2194", }, { cve: "CVE-2023-2269", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2269", }, { cve: "CVE-2023-2861", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2861", }, { cve: "CVE-2023-2953", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-2953", }, { cve: "CVE-2023-3006", cwe: { id: "CWE-212", name: "Improper Removal of Sensitive Information Before Storage or Transfer", }, notes: [ { category: "summary", text: "A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3006", }, { cve: "CVE-2023-3090", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\n\nThe out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.\n\n\nWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3090", }, { cve: "CVE-2023-3111", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3111", }, { cve: "CVE-2023-3141", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-3212", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3212", }, { cve: "CVE-2023-3247", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, notes: [ { category: "summary", text: "In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3247", }, { cve: "CVE-2023-3268", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3268", }, { cve: "CVE-2023-3301", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3301", }, { cve: "CVE-2023-3316", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3316", }, { cve: "CVE-2023-3390", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3390", }, { cve: "CVE-2023-3611", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation.\r\n\r\nThe qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3611", }, { cve: "CVE-2023-3776", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation.\r\n\r\nIf tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3776", }, { cve: "CVE-2023-3863", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-3863", }, { cve: "CVE-2023-4128", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerability in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-4128", }, { cve: "CVE-2023-4194", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 (\"tun: tun_chr_open(): correctly initialize socket uid\"), - 66b2c338adce (\"tap: tap_open(): correctly initialize socket uid\"), pass \"inode->i_uid\" to sock_init_data_uid() as the last parameter and that turns out to not be accurate.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-4194", }, { cve: "CVE-2023-20593", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-20593", }, { cve: "CVE-2023-21255", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-21255", }, { cve: "CVE-2023-22490", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, notes: [ { category: "summary", text: "Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.\n\nA fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-22490", }, { cve: "CVE-2023-22742", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2's `git_remote_callbacks` structure - if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default - without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack. Users are encouraged to upgrade to v1.4.5 or v1.5.1. Users unable to upgrade should ensure that all relevant certificates are manually checked.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-22742", }, { cve: "CVE-2023-22745", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. This Buffer overrun, could result in arbitrary code execution. An example attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. Given the common use case of TPM modules an attacker must have local access to the target machine with local system privileges which allows access to the TPM system. Usually TPM access requires administrative privilege.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-22745", }, { cve: "CVE-2023-23454", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "summary", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23931", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-23931", }, { cve: "CVE-2023-23934", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Werkzeug is a comprehensive WSGI web application library. Browsers may allow \"nameless\" cookies that look like `=value` instead of `key=value`. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like `=__Host-test=bad` for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie `=__Host-test=bad` as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 2.6, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-23934", }, { cve: "CVE-2023-23946", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-23946", }, { cve: "CVE-2023-24538", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. \"var a = {{.}}\"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-24538", }, { cve: "CVE-2023-25153", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25153", }, { cve: "CVE-2023-25155", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25155", }, { cve: "CVE-2023-25193", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger quadratic growth via consecutive marks during the process of looking back for base glyphs when attaching marks.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25193", }, { cve: "CVE-2023-25588", cwe: { id: "CWE-908", name: "Use of Uninitialized Resource", }, notes: [ { category: "summary", text: "A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25588", }, { cve: "CVE-2023-25690", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\r\n\r\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. \r\n\r\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25690", }, { cve: "CVE-2023-25727", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-25727", }, { cve: "CVE-2023-26081", cwe: { id: "CWE-668", name: "Exposure of Resource to Wrong Sphere", }, notes: [ { category: "summary", text: "In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-26081", }, { cve: "CVE-2023-26965", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-26965", }, { cve: "CVE-2023-27522", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "summary", text: "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-27522", }, { cve: "CVE-2023-27534", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-27534", }, { cve: "CVE-2023-27535", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-27535", }, { cve: "CVE-2023-27536", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-27536", }, { cve: "CVE-2023-28450", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-28450", }, { cve: "CVE-2023-28466", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-28466", }, { cve: "CVE-2023-28486", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "summary", text: "Sudo before 1.9.13 does not escape control characters in log messages.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-28486", }, { cve: "CVE-2023-28487", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "summary", text: "Sudo before 1.9.13 does not escape control characters in sudoreplay output.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-28487", }, { cve: "CVE-2023-29402", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via \"go get\", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29402", }, { cve: "CVE-2023-29404", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "summary", text: "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29404", }, { cve: "CVE-2023-29405", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29405", }, { cve: "CVE-2023-29406", cwe: { id: "CWE-436", name: "Interpretation Conflict", }, notes: [ { category: "summary", text: "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29406", }, { cve: "CVE-2023-29409", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-29409", }, { cve: "CVE-2023-30086", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-30086", }, { cve: "CVE-2023-30456", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-30456", }, { cve: "CVE-2023-30772", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-30772", }, { cve: "CVE-2023-31084", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31084", }, { cve: "CVE-2023-31124", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31124", }, { cve: "CVE-2023-31130", cwe: { id: "CWE-124", name: "Buffer Underwrite ('Buffer Underflow')", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular \"0::00:00:00/2\" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31130", }, { cve: "CVE-2023-31147", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31147", }, { cve: "CVE-2023-31436", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-31489", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-31489", }, { cve: "CVE-2023-32067", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-32067", }, { cve: "CVE-2023-32233", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-32233", }, { cve: "CVE-2023-32573", cwe: { id: "CWE-369", name: "Divide By Zero", }, notes: [ { category: "summary", text: "In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-32573", }, { cve: "CVE-2023-33203", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-33203", }, { cve: "CVE-2023-34256", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "** DISPUTED ** An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated \"When modifying the block device while it is mounted by the filesystem\" access.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-34256", }, { cve: "CVE-2023-34872", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-34872", }, { cve: "CVE-2023-34969", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-34969", }, { cve: "CVE-2023-35001", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35001", }, { cve: "CVE-2023-35788", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35788", }, { cve: "CVE-2023-35789", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35789", }, { cve: "CVE-2023-35823", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35823", }, { cve: "CVE-2023-35824", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35824", }, { cve: "CVE-2023-35828", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-35828", }, { cve: "CVE-2023-36054", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "summary", text: "lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-36054", }, { cve: "CVE-2023-36617", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "summary", text: "A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-36617", }, { cve: "CVE-2023-36664", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-36664", }, { cve: "CVE-2023-37920", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "summary", text: "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes \"e-Tugra\" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from \"e-Tugra\" from the root store.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-37920", }, { cve: "CVE-2023-38559", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-38559", }, { cve: "CVE-2023-40283", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, remediations: [ { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "1", "2", "3", "5", "11", "10", "9", "8", "7", "6", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, { category: "vendor_fix", details: "Update to V2.4 or later version", product_ids: [ "4", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109826613/", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "11", "10", "9", "8", "7", "6", ], }, ], title: "CVE-2023-40283", }, ], }
fkie_cve-2023-1990
Vulnerability from fkie_nvd
Published
2023-04-12 20:15
Modified
2025-03-19 16:15
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 6.3 | |
| linux | linux_kernel | 6.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "3769AA63-B0A8-4EF1-96F9-6A6A6B305A02", versionEndExcluding: "6.3", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*", matchCriteriaId: "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*", matchCriteriaId: "A47F0FC3-CE52-4BA1-BA51-22F783938431", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", }, ], id: "CVE-2023-1990", lastModified: "2025-03-19T16:15:17.597", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-12T20:15:07.233", references: [ { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", }, { source: "secalert@redhat.com", url: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
ghsa-xh27-567v-j74r
Vulnerability from github
Published
2023-04-12 21:30
Modified
2024-04-04 03:25
Severity ?
Details
A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.
{ affected: [], aliases: [ "CVE-2023-1990", ], database_specific: { cwe_ids: [ "CWE-416", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2023-04-12T20:15:00Z", severity: "MODERATE", }, details: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", id: "GHSA-xh27-567v-j74r", modified: "2024-04-04T03:25:42Z", published: "2023-04-12T21:30:20Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-1990", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", }, { type: "WEB", url: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz%40163.com", }, { type: "WEB", url: "https://lore.kernel.org/all/20230312160837.2040857-1-zyytlz.wz@163.com", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.