Vulnerability from csaf_suse
Published
2023-07-11 04:31
Modified
2023-07-11 04:31
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).
- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).
- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).
- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).
- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208600).
- CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).
- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).
- CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).
- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
- CVE-2023-2124: Fixed an out-of-bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).
- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
- CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c (bsc#1209052).
- CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).
- CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
- CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).
- CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940).
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).
- CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
- CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).
The following non-security bugs were fixed:
- Do not sign the vanilla kernel (bsc#1209008).
- Drop dvb-core fix patch due to regression (bsc#1205758).
- Revert CVE-2018-20784 due to regression (bsc#1126703).
- binfmt_elf: Take the mmap lock when walking the VMA list (bsc#1209039 CVE-2023-1249).
- bluetooth: Fix double free in hci_conn_cleanup (bsc#1209052 CVE-2023-28464).
- bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (CVE-2023-1989 bsc#1210336).
- btrfs: fix race between quota disable and quota assign ioctls (CVE-2023-1611 bsc#1209687).
- do not fallthrough in cbq_classify and stop on TC_ACT_SHOT (bsc#1207036 CVE-2023-23454 bsc#1207125 CVE-2023-23455).
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
- ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878 bsc#1211105 CVE-2023-2513).
- fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).
- firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).
- fix a mistake in the CVE-2023-0590 / bsc#1207795 backport
- i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (bsc#1210715 CVE-2023-2194).
- ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).
- ipvlan:Fix out-of-bounds caused by unclear skb->cb (bsc#1212842 CVE-2023-3090).
- kernel/sys.c: fix potential Spectre v1 issue (bsc#1209256 CVE-2017-5753).
- kvm: initialize all of the kvm_debugregs structure before sending it to userspace (bsc#1209532 CVE-2023-1513).
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).
- media: dvb-core: Fix use-after-free due on race condition at dvb_net (CVE-2022-45886 bsc#1205760).
- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (CVE-2022-45884 bsc#1205756).
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).
- media: dvb-core: Fix use-after-free on race condition at dvb_frontend (CVE-2022-45885 bsc#1205758).
- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (bsc#1209291 CVE-2023-28328).
- media: dvb_frontend: kABI workaround (CVE-2022-45885 bsc#1205758).
- media: dvb_net: kABI workaround (CVE-2022-45886 bsc#1205760).
- media: dvbdev: fix error logic at dvb_register_device() (CVE-2022-45884 bsc#1205756).
- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (CVE-2023-1118 bsc#1208837).
- media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() (CVE-2022-45887 bsc#1205762).
- memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).
- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (bsc#1210940 CVE-2023-31436).
- netfilter: nf_tables: fix null deref due to zeroed list head (CVE-2023-1095 bsc#1208777).
- netrom: Fix use-after-free caused by accept on already connected socket (bsc#1211186 CVE-2023-32269).
- nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition (git-fixes bsc#1210337 CVE-2023-1990).
- power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (CVE-2023-30772 bsc#1210329).
- prlimit: do_prlimit needs to have a speculation check (bsc#1209256 CVE-2017-5753).
- sched/rt: pick_next_rt_entity(): check list_entry (bsc#1208600 CVE-2023-1077).
- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (bsc#1210647 CVE-2023-2162).
- seq_buf: Fix overflow in seq_buf_putmem_hex() (bsc#1209549 CVE-2023-28772).
- tcp: Fix data races around icsk->icsk_af_ops (bsc#1204405 CVE-2022-3566).
- tipc: fix NULL deref in tipc_link_xmit() (bsc#1209289 CVE-2023-1390).
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (bsc#1209287 CVE-2023-1380).
- x86/speculation: Allow enabling STIBP with legacy IBRS (bsc#1210506 CVE-2023-1998).
- xfs: verify buffer contents when we skip log replay (bsc#1210498 CVE-2023-2124).
- xirc2ps_cs: Fix use after free bug in xirc2ps_detach (bsc#1209871 CVE-2023-1670).
Patchnames
SUSE-2023-2805,SUSE-SLE-SERVER-12-SP2-BCL-2023-2805
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).\n- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).\n- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).\n- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).\n- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).\n- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).\n- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208600).\n- CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).\n- CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).\n- CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).\n- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).\n- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).\n- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).\n- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).\n- CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).\n- CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).\n- CVE-2023-2124: Fixed an out-of-bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).\n- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).\n- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).\n- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).\n- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).\n- CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).\n- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).\n- CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c (bsc#1209052).\n- CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).\n- CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).\n- CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).\n- CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).\n- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940).\n- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).\n- CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).\n- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).\n- CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).\n\nThe following non-security bugs were fixed:\n\n- Do not sign the vanilla kernel (bsc#1209008).\n- Drop dvb-core fix patch due to regression (bsc#1205758).\n- Revert CVE-2018-20784 due to regression (bsc#1126703).\n- binfmt_elf: Take the mmap lock when walking the VMA list (bsc#1209039 CVE-2023-1249).\n- bluetooth: Fix double free in hci_conn_cleanup (bsc#1209052 CVE-2023-28464).\n- bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (CVE-2023-1989 bsc#1210336).\n- btrfs: fix race between quota disable and quota assign ioctls (CVE-2023-1611 bsc#1209687).\n- do not fallthrough in cbq_classify and stop on TC_ACT_SHOT (bsc#1207036 CVE-2023-23454 bsc#1207125 CVE-2023-23455).\n- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).\n- ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878 bsc#1211105 CVE-2023-2513).\n- fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).\n- firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).\n- fix a mistake in the CVE-2023-0590 / bsc#1207795 backport\n- i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (bsc#1210715 CVE-2023-2194).\n- ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).\n- ipvlan:Fix out-of-bounds caused by unclear skb->cb (bsc#1212842 CVE-2023-3090).\n- kernel/sys.c: fix potential Spectre v1 issue (bsc#1209256 CVE-2017-5753).\n- kvm: initialize all of the kvm_debugregs structure before sending it to userspace (bsc#1209532 CVE-2023-1513).\n- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).\n- media: dvb-core: Fix use-after-free due on race condition at dvb_net (CVE-2022-45886 bsc#1205760).\n- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (CVE-2022-45884 bsc#1205756).\n- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).\n- media: dvb-core: Fix use-after-free on race condition at dvb_frontend (CVE-2022-45885 bsc#1205758).\n- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (bsc#1209291 CVE-2023-28328).\n- media: dvb_frontend: kABI workaround (CVE-2022-45885 bsc#1205758).\n- media: dvb_net: kABI workaround (CVE-2022-45886 bsc#1205760).\n- media: dvbdev: fix error logic at dvb_register_device() (CVE-2022-45884 bsc#1205756).\n- media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (CVE-2023-1118 bsc#1208837).\n- media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() (CVE-2022-45887 bsc#1205762).\n- memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).\n- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (bsc#1210940 CVE-2023-31436).\n- netfilter: nf_tables: fix null deref due to zeroed list head (CVE-2023-1095 bsc#1208777).\n- netrom: Fix use-after-free caused by accept on already connected socket (bsc#1211186 CVE-2023-32269).\n- nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition (git-fixes bsc#1210337 CVE-2023-1990).\n- power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (CVE-2023-30772 bsc#1210329).\n- prlimit: do_prlimit needs to have a speculation check (bsc#1209256 CVE-2017-5753).\n- sched/rt: pick_next_rt_entity(): check list_entry (bsc#1208600 CVE-2023-1077).\n- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (bsc#1210647 CVE-2023-2162).\n- seq_buf: Fix overflow in seq_buf_putmem_hex() (bsc#1209549 CVE-2023-28772).\n- tcp: Fix data races around icsk->icsk_af_ops (bsc#1204405 CVE-2022-3566).\n- tipc: fix NULL deref in tipc_link_xmit() (bsc#1209289 CVE-2023-1390).\n- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (bsc#1209287 CVE-2023-1380).\n- x86/speculation: Allow enabling STIBP with legacy IBRS (bsc#1210506 CVE-2023-1998).\n- xfs: verify buffer contents when we skip log replay (bsc#1210498 CVE-2023-2124).\n- xirc2ps_cs: Fix use after free bug in xirc2ps_detach (bsc#1209871 CVE-2023-1670).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2805,SUSE-SLE-SERVER-12-SP2-BCL-2023-2805", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2805-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2805-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232805-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2805-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015468.html", }, { category: "self", summary: "SUSE Bug 1126703", url: "https://bugzilla.suse.com/1126703", }, { category: "self", summary: "SUSE Bug 1204405", url: "https://bugzilla.suse.com/1204405", }, { category: "self", summary: "SUSE Bug 1205756", url: "https://bugzilla.suse.com/1205756", }, { category: "self", summary: "SUSE Bug 1205758", url: "https://bugzilla.suse.com/1205758", }, { category: "self", summary: "SUSE Bug 1205760", url: "https://bugzilla.suse.com/1205760", }, { category: "self", summary: "SUSE Bug 1205762", url: "https://bugzilla.suse.com/1205762", }, { category: "self", summary: "SUSE Bug 1205803", url: "https://bugzilla.suse.com/1205803", }, { category: "self", summary: "SUSE Bug 1206878", url: "https://bugzilla.suse.com/1206878", }, { category: "self", summary: "SUSE Bug 1207036", url: "https://bugzilla.suse.com/1207036", }, { category: "self", summary: "SUSE Bug 1207125", url: "https://bugzilla.suse.com/1207125", }, { category: "self", summary: "SUSE Bug 1207168", url: "https://bugzilla.suse.com/1207168", }, { category: "self", summary: "SUSE Bug 1207795", url: "https://bugzilla.suse.com/1207795", }, { category: "self", summary: "SUSE Bug 1208600", url: "https://bugzilla.suse.com/1208600", }, { category: "self", summary: "SUSE Bug 1208777", url: "https://bugzilla.suse.com/1208777", }, { category: "self", summary: "SUSE Bug 1208837", url: "https://bugzilla.suse.com/1208837", }, { category: "self", summary: "SUSE Bug 1209008", url: "https://bugzilla.suse.com/1209008", }, { category: "self", summary: "SUSE Bug 1209039", url: "https://bugzilla.suse.com/1209039", }, { category: "self", summary: "SUSE Bug 1209052", url: "https://bugzilla.suse.com/1209052", }, { category: "self", summary: "SUSE Bug 1209256", url: "https://bugzilla.suse.com/1209256", }, { category: "self", summary: "SUSE Bug 1209287", url: "https://bugzilla.suse.com/1209287", }, { category: "self", summary: "SUSE Bug 1209289", url: "https://bugzilla.suse.com/1209289", }, { category: "self", summary: "SUSE Bug 1209291", url: "https://bugzilla.suse.com/1209291", }, { category: "self", summary: "SUSE Bug 1209532", url: "https://bugzilla.suse.com/1209532", }, { category: "self", summary: "SUSE Bug 1209549", url: "https://bugzilla.suse.com/1209549", }, { category: "self", summary: "SUSE Bug 1209687", url: "https://bugzilla.suse.com/1209687", }, { category: "self", summary: "SUSE Bug 1209871", url: "https://bugzilla.suse.com/1209871", }, { category: "self", summary: "SUSE Bug 1210329", url: "https://bugzilla.suse.com/1210329", }, { category: "self", summary: "SUSE Bug 1210336", url: "https://bugzilla.suse.com/1210336", }, { category: "self", summary: "SUSE Bug 1210337", url: "https://bugzilla.suse.com/1210337", }, { category: "self", summary: "SUSE Bug 1210498", url: "https://bugzilla.suse.com/1210498", }, { category: "self", summary: "SUSE Bug 1210506", url: "https://bugzilla.suse.com/1210506", }, { category: "self", summary: "SUSE Bug 1210647", url: "https://bugzilla.suse.com/1210647", }, { category: "self", summary: "SUSE Bug 1210715", url: "https://bugzilla.suse.com/1210715", }, { category: "self", summary: "SUSE Bug 1210940", url: "https://bugzilla.suse.com/1210940", }, { category: "self", summary: "SUSE Bug 1211105", url: "https://bugzilla.suse.com/1211105", }, { category: "self", summary: "SUSE Bug 1211186", url: "https://bugzilla.suse.com/1211186", }, { category: "self", summary: "SUSE Bug 1211449", url: "https://bugzilla.suse.com/1211449", }, { category: "self", summary: "SUSE Bug 1212128", url: "https://bugzilla.suse.com/1212128", }, { category: "self", summary: "SUSE Bug 1212129", url: "https://bugzilla.suse.com/1212129", }, { category: "self", summary: "SUSE Bug 1212154", url: "https://bugzilla.suse.com/1212154", }, { category: "self", summary: "SUSE Bug 1212501", url: "https://bugzilla.suse.com/1212501", }, { category: "self", summary: "SUSE Bug 1212842", url: "https://bugzilla.suse.com/1212842", }, { category: "self", summary: "SUSE CVE CVE-2017-5753 page", url: "https://www.suse.com/security/cve/CVE-2017-5753/", }, { category: "self", summary: "SUSE CVE CVE-2018-20784 page", url: "https://www.suse.com/security/cve/CVE-2018-20784/", }, { category: "self", summary: "SUSE CVE CVE-2022-3566 page", url: "https://www.suse.com/security/cve/CVE-2022-3566/", }, { category: "self", summary: "SUSE CVE CVE-2022-45884 page", url: "https://www.suse.com/security/cve/CVE-2022-45884/", }, { category: "self", summary: "SUSE CVE CVE-2022-45885 page", url: "https://www.suse.com/security/cve/CVE-2022-45885/", }, { category: "self", summary: "SUSE CVE CVE-2022-45886 page", url: "https://www.suse.com/security/cve/CVE-2022-45886/", }, { category: "self", summary: "SUSE CVE CVE-2022-45887 page", url: "https://www.suse.com/security/cve/CVE-2022-45887/", }, { category: "self", summary: "SUSE CVE CVE-2022-45919 page", url: "https://www.suse.com/security/cve/CVE-2022-45919/", }, { category: "self", summary: "SUSE CVE CVE-2023-0590 page", url: "https://www.suse.com/security/cve/CVE-2023-0590/", }, { category: "self", summary: "SUSE CVE CVE-2023-1077 page", url: "https://www.suse.com/security/cve/CVE-2023-1077/", }, { category: "self", summary: "SUSE CVE CVE-2023-1095 page", url: "https://www.suse.com/security/cve/CVE-2023-1095/", }, { category: "self", summary: "SUSE CVE CVE-2023-1118 page", url: "https://www.suse.com/security/cve/CVE-2023-1118/", }, { category: "self", summary: "SUSE CVE CVE-2023-1249 page", url: "https://www.suse.com/security/cve/CVE-2023-1249/", }, { category: "self", summary: "SUSE CVE CVE-2023-1380 page", url: "https://www.suse.com/security/cve/CVE-2023-1380/", }, { category: "self", summary: "SUSE CVE CVE-2023-1390 page", url: "https://www.suse.com/security/cve/CVE-2023-1390/", }, { category: "self", summary: "SUSE CVE CVE-2023-1513 page", url: "https://www.suse.com/security/cve/CVE-2023-1513/", }, { category: "self", summary: "SUSE CVE CVE-2023-1611 page", url: "https://www.suse.com/security/cve/CVE-2023-1611/", }, { category: "self", summary: "SUSE CVE CVE-2023-1670 page", url: "https://www.suse.com/security/cve/CVE-2023-1670/", }, { category: "self", summary: "SUSE CVE CVE-2023-1989 page", url: "https://www.suse.com/security/cve/CVE-2023-1989/", }, { category: "self", summary: "SUSE CVE CVE-2023-1990 page", url: "https://www.suse.com/security/cve/CVE-2023-1990/", }, { category: "self", summary: "SUSE CVE CVE-2023-1998 page", url: "https://www.suse.com/security/cve/CVE-2023-1998/", }, { category: "self", summary: "SUSE CVE CVE-2023-2124 page", url: "https://www.suse.com/security/cve/CVE-2023-2124/", }, { category: "self", summary: "SUSE CVE CVE-2023-2162 page", url: "https://www.suse.com/security/cve/CVE-2023-2162/", }, { category: "self", summary: "SUSE CVE CVE-2023-2194 page", url: "https://www.suse.com/security/cve/CVE-2023-2194/", }, { category: "self", summary: "SUSE CVE CVE-2023-23454 page", url: "https://www.suse.com/security/cve/CVE-2023-23454/", }, { category: "self", summary: "SUSE CVE CVE-2023-23455 page", url: "https://www.suse.com/security/cve/CVE-2023-23455/", }, { category: "self", summary: "SUSE CVE CVE-2023-2513 page", url: "https://www.suse.com/security/cve/CVE-2023-2513/", }, { category: "self", summary: "SUSE CVE CVE-2023-28328 page", url: "https://www.suse.com/security/cve/CVE-2023-28328/", }, { category: "self", summary: "SUSE CVE CVE-2023-28464 page", url: "https://www.suse.com/security/cve/CVE-2023-28464/", }, { category: "self", summary: "SUSE CVE CVE-2023-28772 page", url: "https://www.suse.com/security/cve/CVE-2023-28772/", }, { category: "self", summary: "SUSE CVE CVE-2023-30772 page", url: "https://www.suse.com/security/cve/CVE-2023-30772/", }, { category: "self", summary: "SUSE CVE CVE-2023-3090 page", url: "https://www.suse.com/security/cve/CVE-2023-3090/", }, { category: "self", summary: "SUSE CVE CVE-2023-3141 page", url: "https://www.suse.com/security/cve/CVE-2023-3141/", }, { category: "self", summary: "SUSE CVE CVE-2023-31436 page", url: "https://www.suse.com/security/cve/CVE-2023-31436/", }, { category: "self", summary: "SUSE CVE CVE-2023-3159 page", url: "https://www.suse.com/security/cve/CVE-2023-3159/", }, { category: "self", summary: "SUSE CVE CVE-2023-3161 page", url: "https://www.suse.com/security/cve/CVE-2023-3161/", }, { category: "self", summary: "SUSE CVE CVE-2023-32269 page", url: "https://www.suse.com/security/cve/CVE-2023-32269/", }, { category: "self", summary: "SUSE CVE CVE-2023-35824 page", url: "https://www.suse.com/security/cve/CVE-2023-35824/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-07-11T04:31:55Z", generator: { date: "2023-07-11T04:31:55Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2805-1", initial_release_date: "2023-07-11T04:31:55Z", revision_history: [ { date: "2023-07-11T04:31:55Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "cluster-md-kmp-default-4.4.121-92.205.1.aarch64", product_id: "cluster-md-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "cluster-md-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "cluster-network-kmp-default-4.4.121-92.205.1.aarch64", product_id: "cluster-network-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "cluster-network-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "dlm-kmp-default-4.4.121-92.205.1.aarch64", product_id: "dlm-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "dlm-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "dlm-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "gfs2-kmp-default-4.4.121-92.205.1.aarch64", product_id: "gfs2-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "gfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "gfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-4.4.121-92.205.1.aarch64", product_id: "kernel-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-base-4.4.121-92.205.1.aarch64", product_id: "kernel-default-base-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-devel-4.4.121-92.205.1.aarch64", product_id: "kernel-default-devel-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-extra-4.4.121-92.205.1.aarch64", product_id: "kernel-default-extra-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.205.1.aarch64", product: { name: "kernel-default-kgraft-4.4.121-92.205.1.aarch64", product_id: "kernel-default-kgraft-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.205.1.aarch64", product: { name: "kernel-obs-build-4.4.121-92.205.1.aarch64", product_id: "kernel-obs-build-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.205.1.aarch64", product: { name: "kernel-obs-qa-4.4.121-92.205.1.aarch64", product_id: "kernel-obs-qa-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.205.1.aarch64", product: { name: "kernel-syms-4.4.121-92.205.1.aarch64", product_id: "kernel-syms-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.205.1.aarch64", product: { name: "kernel-vanilla-4.4.121-92.205.1.aarch64", product_id: "kernel-vanilla-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.205.1.aarch64", product: { name: "kernel-vanilla-base-4.4.121-92.205.1.aarch64", product_id: "kernel-vanilla-base-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.205.1.aarch64", product: { name: "kernel-vanilla-devel-4.4.121-92.205.1.aarch64", product_id: "kernel-vanilla-devel-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.205.1.aarch64", product: { name: "ocfs2-kmp-default-4.4.121-92.205.1.aarch64", product_id: "ocfs2-kmp-default-4.4.121-92.205.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", product_id: "ocfs2-kmp-vanilla-4.4.121-92.205.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.4.121-92.205.1.noarch", product: { name: "kernel-devel-4.4.121-92.205.1.noarch", product_id: "kernel-devel-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.4.121-92.205.1.noarch", product: { name: "kernel-docs-4.4.121-92.205.1.noarch", product_id: "kernel-docs-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-4.4.121-92.205.1.noarch", product: { name: "kernel-docs-html-4.4.121-92.205.1.noarch", product_id: "kernel-docs-html-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-docs-pdf-4.4.121-92.205.1.noarch", product: { name: "kernel-docs-pdf-4.4.121-92.205.1.noarch", product_id: "kernel-docs-pdf-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.4.121-92.205.1.noarch", product: { name: "kernel-macros-4.4.121-92.205.1.noarch", product_id: "kernel-macros-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.4.121-92.205.1.noarch", product: { name: "kernel-source-4.4.121-92.205.1.noarch", product_id: "kernel-source-4.4.121-92.205.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-4.4.121-92.205.1.noarch", product: { name: "kernel-source-vanilla-4.4.121-92.205.1.noarch", product_id: "kernel-source-vanilla-4.4.121-92.205.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "cluster-md-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "cluster-md-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "cluster-md-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "cluster-md-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "cluster-md-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "cluster-network-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "cluster-network-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "cluster-network-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "cluster-network-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "cluster-network-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "dlm-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "dlm-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "dlm-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "dlm-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "dlm-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "dlm-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "gfs2-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "gfs2-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "gfs2-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "gfs2-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "gfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "gfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-base-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-base-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-base-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-devel-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-devel-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-extra-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-extra-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.121-92.205.1.ppc64le", product: { name: "kernel-debug-kgraft-4.4.121-92.205.1.ppc64le", product_id: "kernel-debug-kgraft-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-base-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-base-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-devel-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-devel-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-extra-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-extra-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.205.1.ppc64le", product: { name: "kernel-default-kgraft-4.4.121-92.205.1.ppc64le", product_id: "kernel-default-kgraft-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.205.1.ppc64le", product: { name: "kernel-obs-build-4.4.121-92.205.1.ppc64le", product_id: "kernel-obs-build-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.205.1.ppc64le", product: { name: "kernel-obs-qa-4.4.121-92.205.1.ppc64le", product_id: "kernel-obs-qa-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.205.1.ppc64le", product: { name: "kernel-syms-4.4.121-92.205.1.ppc64le", product_id: "kernel-syms-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "kernel-vanilla-4.4.121-92.205.1.ppc64le", product_id: "kernel-vanilla-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.205.1.ppc64le", product: { name: "kernel-vanilla-base-4.4.121-92.205.1.ppc64le", product_id: "kernel-vanilla-base-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.205.1.ppc64le", product: { name: "kernel-vanilla-devel-4.4.121-92.205.1.ppc64le", product_id: "kernel-vanilla-devel-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.121-92.205.1.ppc64le", product: { name: "ocfs2-kmp-debug-4.4.121-92.205.1.ppc64le", product_id: "ocfs2-kmp-debug-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.205.1.ppc64le", product: { name: "ocfs2-kmp-default-4.4.121-92.205.1.ppc64le", product_id: "ocfs2-kmp-default-4.4.121-92.205.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", product_id: "ocfs2-kmp-vanilla-4.4.121-92.205.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.205.1.s390x", product: { name: "cluster-md-kmp-default-4.4.121-92.205.1.s390x", product_id: "cluster-md-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "cluster-md-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.205.1.s390x", product: { name: "cluster-network-kmp-default-4.4.121-92.205.1.s390x", product_id: "cluster-network-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "cluster-network-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.205.1.s390x", product: { name: "dlm-kmp-default-4.4.121-92.205.1.s390x", product_id: "dlm-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "dlm-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "dlm-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.205.1.s390x", product: { name: "gfs2-kmp-default-4.4.121-92.205.1.s390x", product_id: "gfs2-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "gfs2-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "gfs2-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.205.1.s390x", product: { name: "kernel-default-4.4.121-92.205.1.s390x", product_id: "kernel-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.205.1.s390x", product: { name: "kernel-default-base-4.4.121-92.205.1.s390x", product_id: "kernel-default-base-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.205.1.s390x", product: { name: "kernel-default-devel-4.4.121-92.205.1.s390x", product_id: "kernel-default-devel-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.205.1.s390x", product: { name: "kernel-default-extra-4.4.121-92.205.1.s390x", product_id: "kernel-default-extra-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.205.1.s390x", product: { name: "kernel-default-kgraft-4.4.121-92.205.1.s390x", product_id: "kernel-default-kgraft-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.4.121-92.205.1.s390x", product: { name: "kernel-default-man-4.4.121-92.205.1.s390x", product_id: "kernel-default-man-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.205.1.s390x", product: { name: "kernel-obs-build-4.4.121-92.205.1.s390x", product_id: "kernel-obs-build-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.205.1.s390x", product: { name: "kernel-obs-qa-4.4.121-92.205.1.s390x", product_id: "kernel-obs-qa-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.205.1.s390x", product: { name: "kernel-syms-4.4.121-92.205.1.s390x", product_id: "kernel-syms-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.205.1.s390x", product: { name: "kernel-vanilla-4.4.121-92.205.1.s390x", product_id: "kernel-vanilla-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.205.1.s390x", product: { name: "kernel-vanilla-base-4.4.121-92.205.1.s390x", product_id: "kernel-vanilla-base-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.205.1.s390x", product: { name: "kernel-vanilla-devel-4.4.121-92.205.1.s390x", product_id: "kernel-vanilla-devel-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.4.121-92.205.1.s390x", product: { name: "kernel-zfcpdump-4.4.121-92.205.1.s390x", product_id: "kernel-zfcpdump-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.205.1.s390x", product: { name: "ocfs2-kmp-default-4.4.121-92.205.1.s390x", product_id: "ocfs2-kmp-default-4.4.121-92.205.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.s390x", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.s390x", product_id: "ocfs2-kmp-vanilla-4.4.121-92.205.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "cluster-md-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "cluster-md-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "cluster-md-kmp-default-4.4.121-92.205.1.x86_64", product_id: "cluster-md-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "cluster-md-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "cluster-md-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "cluster-network-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "cluster-network-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "cluster-network-kmp-default-4.4.121-92.205.1.x86_64", product_id: "cluster-network-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "cluster-network-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "cluster-network-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "dlm-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "dlm-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "dlm-kmp-default-4.4.121-92.205.1.x86_64", product_id: "dlm-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "dlm-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "dlm-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "gfs2-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "gfs2-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "gfs2-kmp-default-4.4.121-92.205.1.x86_64", product_id: "gfs2-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "gfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "gfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-base-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-base-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-devel-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-devel-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-extra-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-extra-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-extra-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-kgraft-4.4.121-92.205.1.x86_64", product: { name: "kernel-debug-kgraft-4.4.121-92.205.1.x86_64", product_id: "kernel-debug-kgraft-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-4.4.121-92.205.1.x86_64", product_id: "kernel-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-base-4.4.121-92.205.1.x86_64", product_id: "kernel-default-base-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-devel-4.4.121-92.205.1.x86_64", product_id: "kernel-default-devel-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-extra-4.4.121-92.205.1.x86_64", product_id: "kernel-default-extra-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-default-kgraft-4.4.121-92.205.1.x86_64", product: { name: "kernel-default-kgraft-4.4.121-92.205.1.x86_64", product_id: "kernel-default-kgraft-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.121-92.205.1.x86_64", product: { name: "kernel-obs-build-4.4.121-92.205.1.x86_64", product_id: "kernel-obs-build-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-4.4.121-92.205.1.x86_64", product: { name: "kernel-obs-qa-4.4.121-92.205.1.x86_64", product_id: "kernel-obs-qa-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.205.1.x86_64", product: { name: "kernel-syms-4.4.121-92.205.1.x86_64", product_id: "kernel-syms-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-4.4.121-92.205.1.x86_64", product: { name: "kernel-vanilla-4.4.121-92.205.1.x86_64", product_id: "kernel-vanilla-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.4.121-92.205.1.x86_64", product: { name: "kernel-vanilla-base-4.4.121-92.205.1.x86_64", product_id: "kernel-vanilla-base-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-4.4.121-92.205.1.x86_64", product: { name: "kernel-vanilla-devel-4.4.121-92.205.1.x86_64", product_id: "kernel-vanilla-devel-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-debug-4.4.121-92.205.1.x86_64", product: { name: "ocfs2-kmp-debug-4.4.121-92.205.1.x86_64", product_id: "ocfs2-kmp-debug-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.205.1.x86_64", product: { name: "ocfs2-kmp-default-4.4.121-92.205.1.x86_64", product_id: "ocfs2-kmp-default-4.4.121-92.205.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", product: { name: "ocfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", product_id: "ocfs2-kmp-vanilla-4.4.121-92.205.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.205.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", }, product_reference: "kernel-default-4.4.121-92.205.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.205.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.205.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.205.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.205.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.205.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", }, product_reference: "kernel-devel-4.4.121-92.205.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.205.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", }, product_reference: "kernel-macros-4.4.121-92.205.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.205.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", }, product_reference: "kernel-source-4.4.121-92.205.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.205.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", }, product_reference: "kernel-syms-4.4.121-92.205.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, ], }, vulnerabilities: [ { cve: "CVE-2017-5753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5753", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5753", url: "https://www.suse.com/security/cve/CVE-2017-5753", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5753", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1075748 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075748", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5753", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087084 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087084", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5753", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5753", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5753", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5753", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1209547 for CVE-2017-5753", url: "https://bugzilla.suse.com/1209547", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2017-5753", }, { cve: "CVE-2018-20784", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20784", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20784", url: "https://www.suse.com/security/cve/CVE-2018-20784", }, { category: "external", summary: "SUSE Bug 1126703 for CVE-2018-20784", url: "https://bugzilla.suse.com/1126703", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2018-20784", }, { cve: "CVE-2022-3566", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3566", }, ], notes: [ { category: "general", text: "A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-3566", url: "https://www.suse.com/security/cve/CVE-2022-3566", }, { category: "external", summary: "SUSE Bug 1204405 for CVE-2022-3566", url: "https://bugzilla.suse.com/1204405", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-3566", }, { cve: "CVE-2022-45884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45884", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45884", url: "https://www.suse.com/security/cve/CVE-2022-45884", }, { category: "external", summary: "SUSE Bug 1205756 for CVE-2022-45884", url: "https://bugzilla.suse.com/1205756", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-45884", }, { cve: "CVE-2022-45885", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45885", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45885", url: "https://www.suse.com/security/cve/CVE-2022-45885", }, { category: "external", summary: "SUSE Bug 1205758 for CVE-2022-45885", url: "https://bugzilla.suse.com/1205758", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-45885", }, { cve: "CVE-2022-45886", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45886", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45886", url: "https://www.suse.com/security/cve/CVE-2022-45886", }, { category: "external", summary: "SUSE Bug 1205760 for CVE-2022-45886", url: "https://bugzilla.suse.com/1205760", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-45886", }, { cve: "CVE-2022-45887", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45887", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45887", url: "https://www.suse.com/security/cve/CVE-2022-45887", }, { category: "external", summary: "SUSE Bug 1205762 for CVE-2022-45887", url: "https://bugzilla.suse.com/1205762", }, { category: "external", summary: "SUSE Bug 1220015 for CVE-2022-45887", url: "https://bugzilla.suse.com/1220015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2022-45887", }, { cve: "CVE-2022-45919", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-45919", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait_event.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-45919", url: "https://www.suse.com/security/cve/CVE-2022-45919", }, { category: "external", summary: "SUSE Bug 1205803 for CVE-2022-45919", url: "https://bugzilla.suse.com/1205803", }, { category: "external", summary: "SUSE Bug 1208912 for CVE-2022-45919", url: "https://bugzilla.suse.com/1208912", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2022-45919", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2022-45919", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2022-45919", }, { cve: "CVE-2023-0590", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0590", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0590", url: "https://www.suse.com/security/cve/CVE-2023-0590", }, { category: "external", summary: "SUSE Bug 1207795 for CVE-2023-0590", url: "https://bugzilla.suse.com/1207795", }, { category: "external", summary: "SUSE Bug 1207822 for CVE-2023-0590", url: "https://bugzilla.suse.com/1207822", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2023-0590", url: "https://bugzilla.suse.com/1211495", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-0590", url: "https://bugzilla.suse.com/1211833", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-1077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1077", }, ], notes: [ { category: "general", text: "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1077", url: "https://www.suse.com/security/cve/CVE-2023-1077", }, { category: "external", summary: "SUSE Bug 1208600 for CVE-2023-1077", url: "https://bugzilla.suse.com/1208600", }, { category: "external", summary: "SUSE Bug 1208839 for CVE-2023-1077", url: "https://bugzilla.suse.com/1208839", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1077", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1077", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-1077", }, { cve: "CVE-2023-1095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1095", }, ], notes: [ { category: "general", text: "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1095", url: "https://www.suse.com/security/cve/CVE-2023-1095", }, { category: "external", summary: "SUSE Bug 1208777 for CVE-2023-1095", url: "https://bugzilla.suse.com/1208777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1095", }, { cve: "CVE-2023-1118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1118", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1118", url: "https://www.suse.com/security/cve/CVE-2023-1118", }, { category: "external", summary: "SUSE Bug 1208837 for CVE-2023-1118", url: "https://bugzilla.suse.com/1208837", }, { category: "external", summary: "SUSE Bug 1208910 for CVE-2023-1118", url: "https://bugzilla.suse.com/1208910", }, { category: "external", summary: "SUSE Bug 1210423 for CVE-2023-1118", url: "https://bugzilla.suse.com/1210423", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2023-1118", url: "https://bugzilla.suse.com/1211495", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1118", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1118", url: "https://bugzilla.suse.com/1213842", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1118", }, { cve: "CVE-2023-1249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1249", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 (\"coredump: Use the vma snapshot in fill_files_note\") not applied yet, then kernel could be affected.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1249", url: "https://www.suse.com/security/cve/CVE-2023-1249", }, { category: "external", summary: "SUSE Bug 1209039 for CVE-2023-1249", url: "https://bugzilla.suse.com/1209039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1249", }, { cve: "CVE-2023-1380", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1380", }, ], notes: [ { category: "general", text: "A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1380", url: "https://www.suse.com/security/cve/CVE-2023-1380", }, { category: "external", summary: "SUSE Bug 1209287 for CVE-2023-1380", url: "https://bugzilla.suse.com/1209287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "low", }, ], title: "CVE-2023-1380", }, { cve: "CVE-2023-1390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1390", }, ], notes: [ { category: "general", text: "A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1390", url: "https://www.suse.com/security/cve/CVE-2023-1390", }, { category: "external", summary: "SUSE Bug 1209289 for CVE-2023-1390", url: "https://bugzilla.suse.com/1209289", }, { category: "external", summary: "SUSE Bug 1210779 for CVE-2023-1390", url: "https://bugzilla.suse.com/1210779", }, { category: "external", summary: "SUSE Bug 1211495 for CVE-2023-1390", url: "https://bugzilla.suse.com/1211495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-1390", }, { cve: "CVE-2023-1513", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1513", }, ], notes: [ { category: "general", text: "A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1513", url: "https://www.suse.com/security/cve/CVE-2023-1513", }, { category: "external", summary: "SUSE Bug 1209532 for CVE-2023-1513", url: "https://bugzilla.suse.com/1209532", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "low", }, ], title: "CVE-2023-1513", }, { cve: "CVE-2023-1611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1611", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1611", url: "https://www.suse.com/security/cve/CVE-2023-1611", }, { category: "external", summary: "SUSE Bug 1209687 for CVE-2023-1611", url: "https://bugzilla.suse.com/1209687", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1611", }, { cve: "CVE-2023-1670", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1670", }, ], notes: [ { category: "general", text: "A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1670", url: "https://www.suse.com/security/cve/CVE-2023-1670", }, { category: "external", summary: "SUSE Bug 1209871 for CVE-2023-1670", url: "https://bugzilla.suse.com/1209871", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-1670", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-1989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1989", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1989", url: "https://www.suse.com/security/cve/CVE-2023-1989", }, { category: "external", summary: "SUSE Bug 1210336 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210336", }, { category: "external", summary: "SUSE Bug 1210500 for CVE-2023-1989", url: "https://bugzilla.suse.com/1210500", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-1989", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1989", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-1989", }, { cve: "CVE-2023-1990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1990", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1990", url: "https://www.suse.com/security/cve/CVE-2023-1990", }, { category: "external", summary: "SUSE Bug 1210337 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210337", }, { category: "external", summary: "SUSE Bug 1210501 for CVE-2023-1990", url: "https://bugzilla.suse.com/1210501", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-1990", url: "https://bugzilla.suse.com/1214128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1990", }, { cve: "CVE-2023-1998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1998", }, ], notes: [ { category: "general", text: "The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line.\n\nThis happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1998", url: "https://www.suse.com/security/cve/CVE-2023-1998", }, { category: "external", summary: "SUSE Bug 1210506 for CVE-2023-1998", url: "https://bugzilla.suse.com/1210506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-1998", }, { cve: "CVE-2023-2124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2124", }, ], notes: [ { category: "general", text: "An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2124", url: "https://www.suse.com/security/cve/CVE-2023-2124", }, { category: "external", summary: "SUSE Bug 1210498 for CVE-2023-2124", url: "https://bugzilla.suse.com/1210498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-2124", }, { cve: "CVE-2023-2162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2162", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2162", url: "https://www.suse.com/security/cve/CVE-2023-2162", }, { category: "external", summary: "SUSE Bug 1210647 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210647", }, { category: "external", summary: "SUSE Bug 1210662 for CVE-2023-2162", url: "https://bugzilla.suse.com/1210662", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-2162", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-2162", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-2162", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-2162", }, { cve: "CVE-2023-2194", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2194", }, ], notes: [ { category: "general", text: "An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace \"data->block[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2194", url: "https://www.suse.com/security/cve/CVE-2023-2194", }, { category: "external", summary: "SUSE Bug 1210715 for CVE-2023-2194", url: "https://bugzilla.suse.com/1210715", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-2194", }, { cve: "CVE-2023-23454", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-23454", }, ], notes: [ { category: "general", text: "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-23454", url: "https://www.suse.com/security/cve/CVE-2023-23454", }, { category: "external", summary: "SUSE Bug 1207036 for CVE-2023-23454", url: "https://bugzilla.suse.com/1207036", }, { category: "external", summary: "SUSE Bug 1207188 for CVE-2023-23454", url: "https://bugzilla.suse.com/1207188", }, { category: "external", summary: "SUSE Bug 1208030 for CVE-2023-23454", url: "https://bugzilla.suse.com/1208030", }, { category: "external", summary: "SUSE Bug 1208044 for CVE-2023-23454", url: "https://bugzilla.suse.com/1208044", }, { category: "external", summary: "SUSE Bug 1208085 for CVE-2023-23454", url: "https://bugzilla.suse.com/1208085", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-23454", url: "https://bugzilla.suse.com/1211833", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-23455", }, ], notes: [ { category: "general", text: "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-23455", url: "https://www.suse.com/security/cve/CVE-2023-23455", }, { category: "external", summary: "SUSE Bug 1207125 for CVE-2023-23455", url: "https://bugzilla.suse.com/1207125", }, { category: "external", summary: "SUSE Bug 1207189 for CVE-2023-23455", url: "https://bugzilla.suse.com/1207189", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-23455", url: "https://bugzilla.suse.com/1211833", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-23455", }, { cve: "CVE-2023-2513", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-2513", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-2513", url: "https://www.suse.com/security/cve/CVE-2023-2513", }, { category: "external", summary: "SUSE Bug 1211105 for CVE-2023-2513", url: "https://bugzilla.suse.com/1211105", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-2513", }, { cve: "CVE-2023-28328", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28328", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28328", url: "https://www.suse.com/security/cve/CVE-2023-28328", }, { category: "external", summary: "SUSE Bug 1209291 for CVE-2023-28328", url: "https://bugzilla.suse.com/1209291", }, { category: "external", summary: "SUSE Bug 1222212 for CVE-2023-28328", url: "https://bugzilla.suse.com/1222212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-28328", }, { cve: "CVE-2023-28464", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28464", }, ], notes: [ { category: "general", text: "hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28464", url: "https://www.suse.com/security/cve/CVE-2023-28464", }, { category: "external", summary: "SUSE Bug 1209052 for CVE-2023-28464", url: "https://bugzilla.suse.com/1209052", }, { category: "external", summary: "SUSE Bug 1211111 for CVE-2023-28464", url: "https://bugzilla.suse.com/1211111", }, { category: "external", summary: "SUSE Bug 1220130 for CVE-2023-28464", url: "https://bugzilla.suse.com/1220130", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-28464", }, { cve: "CVE-2023-28772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28772", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28772", url: "https://www.suse.com/security/cve/CVE-2023-28772", }, { category: "external", summary: "SUSE Bug 1209549 for CVE-2023-28772", url: "https://bugzilla.suse.com/1209549", }, { category: "external", summary: "SUSE Bug 1211110 for CVE-2023-28772", url: "https://bugzilla.suse.com/1211110", }, { category: "external", summary: "SUSE Bug 1214378 for CVE-2023-28772", url: "https://bugzilla.suse.com/1214378", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-28772", }, { cve: "CVE-2023-30772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-30772", }, ], notes: [ { category: "general", text: "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-30772", url: "https://www.suse.com/security/cve/CVE-2023-30772", }, { category: "external", summary: "SUSE Bug 1210329 for CVE-2023-30772", url: "https://bugzilla.suse.com/1210329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-30772", }, { cve: "CVE-2023-3090", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3090", }, ], notes: [ { category: "general", text: "A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\n\nThe out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.\n\n\nWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3090", url: "https://www.suse.com/security/cve/CVE-2023-3090", }, { category: "external", summary: "SUSE Bug 1212842 for CVE-2023-3090", url: "https://bugzilla.suse.com/1212842", }, { category: "external", summary: "SUSE Bug 1212849 for CVE-2023-3090", url: "https://bugzilla.suse.com/1212849", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-3090", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1219701 for CVE-2023-3090", url: "https://bugzilla.suse.com/1219701", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-3090", }, { cve: "CVE-2023-3141", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3141", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3141", url: "https://www.suse.com/security/cve/CVE-2023-3141", }, { category: "external", summary: "SUSE Bug 1212129 for CVE-2023-3141", url: "https://bugzilla.suse.com/1212129", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-3141", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-3141", }, { cve: "CVE-2023-31436", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-31436", }, ], notes: [ { category: "general", text: "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-31436", url: "https://www.suse.com/security/cve/CVE-2023-31436", }, { category: "external", summary: "SUSE Bug 1210940 for CVE-2023-31436", url: "https://bugzilla.suse.com/1210940", }, { category: "external", summary: "SUSE Bug 1211260 for CVE-2023-31436", url: "https://bugzilla.suse.com/1211260", }, { category: "external", summary: "SUSE Bug 1213841 for CVE-2023-31436", url: "https://bugzilla.suse.com/1213841", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-31436", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-31436", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1223091 for CVE-2023-31436", url: "https://bugzilla.suse.com/1223091", }, { category: "external", summary: "SUSE Bug 1224419 for CVE-2023-31436", url: "https://bugzilla.suse.com/1224419", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-31436", }, { cve: "CVE-2023-3159", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3159", }, ], notes: [ { category: "general", text: "A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3159", url: "https://www.suse.com/security/cve/CVE-2023-3159", }, { category: "external", summary: "SUSE Bug 1212128 for CVE-2023-3159", url: "https://bugzilla.suse.com/1212128", }, { category: "external", summary: "SUSE Bug 1212347 for CVE-2023-3159", url: "https://bugzilla.suse.com/1212347", }, { category: "external", summary: "SUSE Bug 1213842 for CVE-2023-3159", url: "https://bugzilla.suse.com/1213842", }, { category: "external", summary: "SUSE Bug 1214128 for CVE-2023-3159", url: "https://bugzilla.suse.com/1214128", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-3159", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "important", }, ], title: "CVE-2023-3159", }, { cve: "CVE-2023-3161", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3161", }, ], notes: [ { category: "general", text: "A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3161", url: "https://www.suse.com/security/cve/CVE-2023-3161", }, { category: "external", summary: "SUSE Bug 1212154 for CVE-2023-3161", url: "https://bugzilla.suse.com/1212154", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-3161", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-3161", }, { cve: "CVE-2023-32269", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-32269", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-32269", url: "https://www.suse.com/security/cve/CVE-2023-32269", }, { category: "external", summary: "SUSE Bug 1211186 for CVE-2023-32269", url: "https://bugzilla.suse.com/1211186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-32269", }, { cve: "CVE-2023-35824", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-35824", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-35824", url: "https://www.suse.com/security/cve/CVE-2023-35824", }, { category: "external", summary: "SUSE Bug 1212501 for CVE-2023-35824", url: "https://bugzilla.suse.com/1212501", }, { category: "external", summary: "SUSE Bug 1215674 for CVE-2023-35824", url: "https://bugzilla.suse.com/1215674", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.205.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.205.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.205.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-07-11T04:31:55Z", details: "moderate", }, ], title: "CVE-2023-35824", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.