Vulnerability from csaf_suse
Published
2023-12-15 10:41
Modified
2023-12-15 10:41
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787).
- CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).
- CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976).
- CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965).
- CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058).
- CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259).
- CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584).
The following non-security bugs were fixed:
- cpu/SMT: Allow enabling partial SMT states via sysfs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
- cpu/SMT: Create topology_smt_thread_allowed() (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
- cpu/SMT: Move SMT prototypes into cpu_smt.h (bsc#1214408).
- cpu/SMT: Move smt/control simple exit cases earlier (bsc#1214408).
- cpu/SMT: Remove topology_smt_supported() (bsc#1214408).
- cpu/SMT: Store the current/max number of threads (bsc#1214408).
- cpu/hotplug: Create SMT sysfs interface for all arches (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
- dm-raid: remove useless checking in raid_message() (git-fixes).
- l2tp: fix refcount leakage on PPPoL2TP sockets (git-fixes).
- l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow (git-fixes).
- md/bitmap: always wake up md_thread in timeout_store (git-fixes).
- md/bitmap: factor out a helper to set timeout (git-fixes).
- md/raid10: Do not add spare disk when recovery fails (git-fixes).
- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes).
- md/raid10: clean up md_add_new_disk() (git-fixes).
- md/raid10: fix io loss while replacement replace rdev (git-fixes).
- md/raid10: fix leak of 'r10bio->remaining' for recovery (git-fixes).
- md/raid10: fix memleak for 'conf->bio_split' (git-fixes).
- md/raid10: fix memleak of md thread (git-fixes).
- md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes).
- md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git-fixes).
- md/raid10: fix overflow of md/safe_mode_delay (git-fixes).
- md/raid10: fix wrong setting of max_corr_read_errors (git-fixes).
- md/raid10: improve code of mrdev in raid10_sync_request (git-fixes).
- md/raid10: prevent soft lockup while flush writes (git-fixes).
- md/raid10: prioritize adding disk to 'removed' mirror (git-fixes).
- md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).
- md: add new workqueue for delete rdev (git-fixes).
- md: avoid signed overflow in slot_store() (git-fixes).
- md: do not return existing mddevs from mddev_find_or_alloc (git-fixes).
- md: factor out a mddev_alloc_unit helper from mddev_find (git-fixes).
- md: fix data corruption for raid456 when reshape restart while grow up (git-fixes).
- md: fix deadlock causing by sysfs_notify (git-fixes).
- md: fix incorrect declaration about claim_rdev in md_import_device (git-fixes).
- md: flush md_rdev_misc_wq for HOT_ADD_DISK case (git-fixes).
- md: get sysfs entry after redundancy attr group create (git-fixes).
- md: refactor mddev_find_or_alloc (git-fixes).
- md: remove lock_bdev / unlock_bdev (git-fixes).
- mm, memcg: add mem_cgroup_disabled checks in vmpressure and swap-related functions (bsc#1190208 (MM functional and performance backports) bsc#1216759).
- net-memcg: Fix scope of sockmem pressure indicators (bsc#1216759).
- net: mana: Configure hwc timeout from hardware (bsc#1214037).
- net: mana: Fix MANA VF unload when hardware is unresponsive (bsc#1214764).
- powerpc/pseries: Honour current SMT state when DLPAR onlining CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
- powerpc/pseries: Initialise CPU hotplug callbacks earlier (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).
- powerpc: Add HOTPLUG_SMT support (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). Update config files.
- ring-buffer: Avoid softlockup in ring_buffer_resize() (git-fixes).
- s390/cio: unregister device when the only path is gone (git-fixes bsc#1217607).
- s390/cmma: fix detection of DAT pages (LTC#203996 bsc#1217087).
- s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (LTC#203996 bsc#1217087).
- s390/cmma: fix initial kernel address space page table walk (LTC#203996 bsc#1217087).
- s390/crashdump: fix TOD programmable field size (git-fixes bsc#1217206).
- s390/dasd: protect device queue against concurrent access (git-fixes bsc#1217519).
- s390/dasd: use correct number of retries for ERP requests (git-fixes bsc#1217604).
- s390/mm: add missing arch_set_page_dat() call to gmap allocations (LTC#203996 bsc#1217087).
- s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc() (LTC#203996 bsc#1217087).
- s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (git-fixes bsc#1217603).
- scsi: qla2xxx: Fix double free of dsd_list during driver load (git-fixes).
- scsi: qla2xxx: Use FIELD_GET() to extract PCIe capability fields (git-fixes).
- tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together (bsc#1216031).
- usb-storage: fix deadlock when a scsi command timeouts more than once (git-fixes).
- usb: serial: option: add Quectel RM500U-CN modem (git-fixes).
- usb: serial: option: add Telit FE990 compositions (git-fixes).
- usb: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).
- usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail (git-fixes).
- xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes).
- xfs: make sure maxlen is still congruent with prod when rounding down (git-fixes).
- xfs: reserve data and rt quota at the same time (bsc#1203496).
Patchnames
SUSE-2023-4883,SUSE-SLE-SERVER-12-SP5-2023-4883
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787).\n- CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).\n- CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976).\n- CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965).\n- CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058).\n- CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259).\n- CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584).\n\nThe following non-security bugs were fixed:\n\n- cpu/SMT: Allow enabling partial SMT states via sysfs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).\n- cpu/SMT: Create topology_smt_thread_allowed() (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).\n- cpu/SMT: Move SMT prototypes into cpu_smt.h (bsc#1214408).\n- cpu/SMT: Move smt/control simple exit cases earlier (bsc#1214408).\n- cpu/SMT: Remove topology_smt_supported() (bsc#1214408).\n- cpu/SMT: Store the current/max number of threads (bsc#1214408).\n- cpu/hotplug: Create SMT sysfs interface for all arches (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).\n- dm-raid: remove useless checking in raid_message() (git-fixes).\n- l2tp: fix refcount leakage on PPPoL2TP sockets (git-fixes).\n- l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow (git-fixes).\n- md/bitmap: always wake up md_thread in timeout_store (git-fixes).\n- md/bitmap: factor out a helper to set timeout (git-fixes).\n- md/raid10: Do not add spare disk when recovery fails (git-fixes).\n- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes).\n- md/raid10: clean up md_add_new_disk() (git-fixes).\n- md/raid10: fix io loss while replacement replace rdev (git-fixes).\n- md/raid10: fix leak of 'r10bio->remaining' for recovery (git-fixes).\n- md/raid10: fix memleak for 'conf->bio_split' (git-fixes).\n- md/raid10: fix memleak of md thread (git-fixes).\n- md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes).\n- md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git-fixes).\n- md/raid10: fix overflow of md/safe_mode_delay (git-fixes).\n- md/raid10: fix wrong setting of max_corr_read_errors (git-fixes).\n- md/raid10: improve code of mrdev in raid10_sync_request (git-fixes).\n- md/raid10: prevent soft lockup while flush writes (git-fixes).\n- md/raid10: prioritize adding disk to 'removed' mirror (git-fixes).\n- md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).\n- md: add new workqueue for delete rdev (git-fixes).\n- md: avoid signed overflow in slot_store() (git-fixes).\n- md: do not return existing mddevs from mddev_find_or_alloc (git-fixes).\n- md: factor out a mddev_alloc_unit helper from mddev_find (git-fixes).\n- md: fix data corruption for raid456 when reshape restart while grow up (git-fixes).\n- md: fix deadlock causing by sysfs_notify (git-fixes).\n- md: fix incorrect declaration about claim_rdev in md_import_device (git-fixes).\n- md: flush md_rdev_misc_wq for HOT_ADD_DISK case (git-fixes).\n- md: get sysfs entry after redundancy attr group create (git-fixes).\n- md: refactor mddev_find_or_alloc (git-fixes).\n- md: remove lock_bdev / unlock_bdev (git-fixes).\n- mm, memcg: add mem_cgroup_disabled checks in vmpressure and swap-related functions (bsc#1190208 (MM functional and performance backports) bsc#1216759).\n- net-memcg: Fix scope of sockmem pressure indicators (bsc#1216759).\n- net: mana: Configure hwc timeout from hardware (bsc#1214037).\n- net: mana: Fix MANA VF unload when hardware is unresponsive (bsc#1214764).\n- powerpc/pseries: Honour current SMT state when DLPAR onlining CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).\n- powerpc/pseries: Initialise CPU hotplug callbacks earlier (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588).\n- powerpc: Add HOTPLUG_SMT support (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). Update config files.\n- ring-buffer: Avoid softlockup in ring_buffer_resize() (git-fixes).\n- s390/cio: unregister device when the only path is gone (git-fixes bsc#1217607).\n- s390/cmma: fix detection of DAT pages (LTC#203996 bsc#1217087).\n- s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (LTC#203996 bsc#1217087).\n- s390/cmma: fix initial kernel address space page table walk (LTC#203996 bsc#1217087).\n- s390/crashdump: fix TOD programmable field size (git-fixes bsc#1217206).\n- s390/dasd: protect device queue against concurrent access (git-fixes bsc#1217519).\n- s390/dasd: use correct number of retries for ERP requests (git-fixes bsc#1217604).\n- s390/mm: add missing arch_set_page_dat() call to gmap allocations (LTC#203996 bsc#1217087).\n- s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc() (LTC#203996 bsc#1217087).\n- s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (git-fixes bsc#1217603).\n- scsi: qla2xxx: Fix double free of dsd_list during driver load (git-fixes).\n- scsi: qla2xxx: Use FIELD_GET() to extract PCIe capability fields (git-fixes).\n- tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together (bsc#1216031).\n- usb-storage: fix deadlock when a scsi command timeouts more than once (git-fixes).\n- usb: serial: option: add Quectel RM500U-CN modem (git-fixes).\n- usb: serial: option: add Telit FE990 compositions (git-fixes).\n- usb: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes).\n- usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail (git-fixes).\n- xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes).\n- xfs: make sure maxlen is still congruent with prod when rounding down (git-fixes).\n- xfs: reserve data and rt quota at the same time (bsc#1203496).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-4883,SUSE-SLE-SERVER-12-SP5-2023-4883", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4883-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:4883-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20234883-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:4883-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017435.html", }, { category: "self", summary: "SUSE Bug 1176950", url: "https://bugzilla.suse.com/1176950", }, { category: "self", summary: "SUSE Bug 1190208", url: "https://bugzilla.suse.com/1190208", }, { category: "self", summary: "SUSE Bug 1203496", url: "https://bugzilla.suse.com/1203496", }, { category: "self", summary: "SUSE Bug 1205462", url: "https://bugzilla.suse.com/1205462", }, { category: "self", summary: "SUSE Bug 1208787", url: "https://bugzilla.suse.com/1208787", }, { category: "self", summary: "SUSE Bug 1210780", url: "https://bugzilla.suse.com/1210780", }, { category: "self", summary: "SUSE Bug 1214037", url: "https://bugzilla.suse.com/1214037", }, { category: "self", summary: "SUSE Bug 1214285", url: "https://bugzilla.suse.com/1214285", }, { category: "self", summary: "SUSE Bug 1214408", url: "https://bugzilla.suse.com/1214408", }, { category: "self", summary: "SUSE Bug 1214764", url: "https://bugzilla.suse.com/1214764", }, { category: "self", summary: "SUSE Bug 1216031", url: "https://bugzilla.suse.com/1216031", }, { category: "self", summary: "SUSE Bug 1216058", url: "https://bugzilla.suse.com/1216058", }, { category: "self", summary: "SUSE Bug 1216259", url: "https://bugzilla.suse.com/1216259", }, { category: "self", summary: "SUSE Bug 1216584", url: "https://bugzilla.suse.com/1216584", }, { category: "self", summary: "SUSE Bug 1216759", url: "https://bugzilla.suse.com/1216759", }, { category: "self", summary: "SUSE Bug 1216965", url: "https://bugzilla.suse.com/1216965", }, { category: "self", summary: "SUSE Bug 1216976", url: "https://bugzilla.suse.com/1216976", }, { category: "self", summary: "SUSE Bug 1217036", url: "https://bugzilla.suse.com/1217036", }, { category: "self", summary: "SUSE Bug 1217087", url: "https://bugzilla.suse.com/1217087", }, { category: "self", summary: "SUSE Bug 1217206", url: "https://bugzilla.suse.com/1217206", }, { category: "self", summary: "SUSE Bug 1217519", url: "https://bugzilla.suse.com/1217519", }, { category: "self", summary: "SUSE Bug 1217525", url: "https://bugzilla.suse.com/1217525", }, { category: "self", summary: "SUSE Bug 1217603", url: "https://bugzilla.suse.com/1217603", }, { category: "self", summary: "SUSE Bug 1217604", url: "https://bugzilla.suse.com/1217604", }, { category: "self", summary: "SUSE Bug 1217607", url: "https://bugzilla.suse.com/1217607", }, { category: "self", summary: "SUSE CVE CVE-2023-0461 page", url: "https://www.suse.com/security/cve/CVE-2023-0461/", }, { category: "self", summary: "SUSE CVE CVE-2023-31083 page", url: "https://www.suse.com/security/cve/CVE-2023-31083/", }, { category: "self", summary: "SUSE CVE CVE-2023-39197 page", url: "https://www.suse.com/security/cve/CVE-2023-39197/", }, { category: "self", summary: "SUSE CVE CVE-2023-39198 page", url: "https://www.suse.com/security/cve/CVE-2023-39198/", }, { category: "self", summary: "SUSE CVE CVE-2023-45863 page", url: "https://www.suse.com/security/cve/CVE-2023-45863/", }, { category: "self", summary: "SUSE CVE CVE-2023-45871 page", url: "https://www.suse.com/security/cve/CVE-2023-45871/", }, { category: "self", summary: "SUSE CVE CVE-2023-5717 page", url: "https://www.suse.com/security/cve/CVE-2023-5717/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2023-12-15T10:41:00Z", generator: { date: "2023-12-15T10:41:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:4883-1", initial_release_date: "2023-12-15T10:41:00Z", revision_history: [ { date: "2023-12-15T10:41:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-azure-4.12.14-16.160.1.noarch", product: { name: "kernel-devel-azure-4.12.14-16.160.1.noarch", product_id: "kernel-devel-azure-4.12.14-16.160.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-4.12.14-16.160.1.noarch", product: { name: "kernel-source-azure-4.12.14-16.160.1.noarch", product_id: "kernel-source-azure-4.12.14-16.160.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-4.12.14-16.160.1.x86_64", product: { name: "cluster-md-kmp-azure-4.12.14-16.160.1.x86_64", product_id: "cluster-md-kmp-azure-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-azure-4.12.14-16.160.1.x86_64", product: { name: "dlm-kmp-azure-4.12.14-16.160.1.x86_64", product_id: "dlm-kmp-azure-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-azure-4.12.14-16.160.1.x86_64", product: { name: "gfs2-kmp-azure-4.12.14-16.160.1.x86_64", product_id: "gfs2-kmp-azure-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-4.12.14-16.160.1.x86_64", product: { name: "kernel-azure-4.12.14-16.160.1.x86_64", product_id: "kernel-azure-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-base-4.12.14-16.160.1.x86_64", product: { name: "kernel-azure-base-4.12.14-16.160.1.x86_64", product_id: "kernel-azure-base-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-4.12.14-16.160.1.x86_64", product: { name: "kernel-azure-devel-4.12.14-16.160.1.x86_64", product_id: "kernel-azure-devel-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-extra-4.12.14-16.160.1.x86_64", product: { name: "kernel-azure-extra-4.12.14-16.160.1.x86_64", product_id: "kernel-azure-extra-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-kgraft-devel-4.12.14-16.160.1.x86_64", product: { name: "kernel-azure-kgraft-devel-4.12.14-16.160.1.x86_64", product_id: "kernel-azure-kgraft-devel-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-4.12.14-16.160.1.x86_64", product: { name: "kernel-syms-azure-4.12.14-16.160.1.x86_64", product_id: "kernel-syms-azure-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-azure-4.12.14-16.160.1.x86_64", product: { name: "kselftests-kmp-azure-4.12.14-16.160.1.x86_64", product_id: "kselftests-kmp-azure-4.12.14-16.160.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-4.12.14-16.160.1.x86_64", product: { name: "ocfs2-kmp-azure-4.12.14-16.160.1.x86_64", product_id: "ocfs2-kmp-azure-4.12.14-16.160.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP5", product: { name: "SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-16.160.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", }, product_reference: "kernel-azure-4.12.14-16.160.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-16.160.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", }, product_reference: "kernel-azure-base-4.12.14-16.160.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-16.160.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-16.160.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-16.160.1.noarch as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", }, product_reference: "kernel-devel-azure-4.12.14-16.160.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-16.160.1.noarch as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", }, product_reference: "kernel-source-azure-4.12.14-16.160.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-16.160.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-16.160.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-16.160.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", }, product_reference: "kernel-azure-4.12.14-16.160.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-16.160.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", }, product_reference: "kernel-azure-base-4.12.14-16.160.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-16.160.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-16.160.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-16.160.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", }, product_reference: "kernel-devel-azure-4.12.14-16.160.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-16.160.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", }, product_reference: "kernel-source-azure-4.12.14-16.160.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-16.160.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-16.160.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, ], }, vulnerabilities: [ { cve: "CVE-2023-0461", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0461", }, ], notes: [ { category: "general", text: "There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege.\n\nThere is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock.\n\nWhen CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable.\n\nThe setsockopt TCP_ULP operation does not require any privilege.\n\nWe recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0461", url: "https://www.suse.com/security/cve/CVE-2023-0461", }, { category: "external", summary: "SUSE Bug 1208787 for CVE-2023-0461", url: "https://bugzilla.suse.com/1208787", }, { category: "external", summary: "SUSE Bug 1208911 for CVE-2023-0461", url: "https://bugzilla.suse.com/1208911", }, { category: "external", summary: "SUSE Bug 1211833 for CVE-2023-0461", url: "https://bugzilla.suse.com/1211833", }, { category: "external", summary: "SUSE Bug 1217079 for CVE-2023-0461", url: "https://bugzilla.suse.com/1217079", }, { category: "external", summary: "SUSE Bug 1218514 for CVE-2023-0461", url: "https://bugzilla.suse.com/1218514", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-12-15T10:41:00Z", details: "important", }, ], title: "CVE-2023-0461", }, { cve: "CVE-2023-31083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-31083", }, ], notes: [ { category: "general", text: "An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-31083", url: "https://www.suse.com/security/cve/CVE-2023-31083", }, { category: "external", summary: "SUSE Bug 1210780 for CVE-2023-31083", url: "https://bugzilla.suse.com/1210780", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-12-15T10:41:00Z", details: "moderate", }, ], title: "CVE-2023-31083", }, { cve: "CVE-2023-39197", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-39197", }, ], notes: [ { category: "general", text: "An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-39197", url: "https://www.suse.com/security/cve/CVE-2023-39197", }, { category: "external", summary: "SUSE Bug 1216976 for CVE-2023-39197", url: "https://bugzilla.suse.com/1216976", }, { category: "external", summary: "SUSE Bug 1220015 for CVE-2023-39197", url: "https://bugzilla.suse.com/1220015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-12-15T10:41:00Z", details: "low", }, ], title: "CVE-2023-39197", }, { cve: "CVE-2023-39198", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-39198", }, ], notes: [ { category: "general", text: "A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-39198", url: "https://www.suse.com/security/cve/CVE-2023-39198", }, { category: "external", summary: "SUSE Bug 1216965 for CVE-2023-39198", url: "https://bugzilla.suse.com/1216965", }, { category: "external", summary: "SUSE Bug 1217116 for CVE-2023-39198", url: "https://bugzilla.suse.com/1217116", }, { category: "external", summary: "SUSE Bug 1219703 for CVE-2023-39198", url: "https://bugzilla.suse.com/1219703", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-12-15T10:41:00Z", details: "important", }, ], title: "CVE-2023-39198", }, { cve: "CVE-2023-45863", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-45863", }, ], notes: [ { category: "general", text: "An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-45863", url: "https://www.suse.com/security/cve/CVE-2023-45863", }, { category: "external", summary: "SUSE Bug 1216058 for CVE-2023-45863", url: "https://bugzilla.suse.com/1216058", }, { category: "external", summary: "SUSE Bug 1220015 for CVE-2023-45863", url: "https://bugzilla.suse.com/1220015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-12-15T10:41:00Z", details: "moderate", }, ], title: "CVE-2023-45863", }, { cve: "CVE-2023-45871", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-45871", }, ], notes: [ { category: "general", text: "An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-45871", url: "https://www.suse.com/security/cve/CVE-2023-45871", }, { category: "external", summary: "SUSE Bug 1216259 for CVE-2023-45871", url: "https://bugzilla.suse.com/1216259", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-12-15T10:41:00Z", details: "moderate", }, ], title: "CVE-2023-45871", }, { cve: "CVE-2023-5717", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-5717", }, ], notes: [ { category: "general", text: "A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\n\nIf perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer.\n\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-5717", url: "https://www.suse.com/security/cve/CVE-2023-5717", }, { category: "external", summary: "SUSE Bug 1216584 for CVE-2023-5717", url: "https://bugzilla.suse.com/1216584", }, { category: "external", summary: "SUSE Bug 1216644 for CVE-2023-5717", url: "https://bugzilla.suse.com/1216644", }, { category: "external", summary: "SUSE Bug 1217557 for CVE-2023-5717", url: "https://bugzilla.suse.com/1217557", }, { category: "external", summary: "SUSE Bug 1219697 for CVE-2023-5717", url: "https://bugzilla.suse.com/1219697", }, { category: "external", summary: "SUSE Bug 1220191 for CVE-2023-5717", url: "https://bugzilla.suse.com/1220191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.160.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.160.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.160.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2023-12-15T10:41:00Z", details: "important", }, ], title: "CVE-2023-5717", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.