suse-su-2022:3929-1
Vulnerability from csaf_suse
Published
2022-11-10 09:20
Modified
2022-11-10 09:20
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15-SP3 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-2964, CVE-2022-28748: Fixed memory corruption issues in ax88179_178a devices (bnc#1202686 bsc#1196018).
- CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set (bnc#1198702).
- CVE-2022-2153: Fixed vulnerability in KVM that could allow an unprivileged local attacker on the host to cause DoS (bnc#1200788).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6 handler (bnc#1204354).
- CVE-2022-2978: Fixed use-after-free in the NILFS file system that could lead to local privilege escalation or DoS (bnc#1202700).
- CVE-2022-3176: Fixed use-after-free in io_uring when using POLLFREE (bnc#1203391).
- CVE-2022-3521: Fixed race condition in kcm_tx_work() in net/kcm/kcmsock.c (bnc#1204355).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(), gru_fault() and gru_handle_user_call_os() that could lead to kernel panic (bsc#1204166).
- CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).
- CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
- CVE-2022-3545: Fixed use-after-free in area_cache_get() in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
- CVE-2022-3565: Fixed use-after-free in del_timer() in drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
- CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device driver that could lead to local privilege escalation or DoS (bnc#1204470).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bnc#1204439).
- CVE-2022-3594: Fixed excessive data logging in intr_callback() in drivers/net/usb/r8152.c (bnc#1204479).
- CVE-2022-3621: Fixed null pointer dereference in nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
- CVE-2022-3625: Fixed use-after-free in devlink_param_set()/devlink_param_get() in net/core/devlink.c (bnc#1204637).
- CVE-2022-3629: Fixed memory leak in vsock_connect() in net/vmw_vsock/af_vsock.c (bnc#1204635).
- CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in net/bluetooth/l2cap_core.c (bnc#1204619).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in fs/nilfs2/segment.c (bnc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in fs/nilfs2/inode.c (bnc#1204647).
- CVE-2022-39189: Fixed a flaw in the x86 KVM subsystem that could allow unprivileged guest users to compromise the guest kernel via TLB flush operations on preempted vCPU (bnc#1203066).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf anon_vma double reuse (bnc#1204168).
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space client to corrupt the monitor's internal memory (bnc#1204653).
The following non-security bugs were fixed:
- ACPI: APEI: do not add task_work to kernel thread to avoid memory leak (git-fixes).
- ACPI: HMAT: Release platform device in case of platform_device_add_data() fails (git-fixes).
- ACPI: extlog: Handle multiple records (git-fixes).
- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
- ALSA: Use del_timer_sync() before freeing timer (git-fixes).
- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() (git-fixes).
- ALSA: aoa: Fix I2S device accounting (git-fixes).
- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() (git-fixes).
- ALSA: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
- ALSA: au88x0: use explicitly signed char (git-fixes).
- ALSA: dmaengine: increment buffer pointer atomically (git-fixes).
- ALSA: hda/hdmi: Do not skip notification handling during PM operation (git-fixes).
- ALSA: hda/realtek: Add Intel Reference SSID to support headset keys (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
- ALSA: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 (git-fixes).
- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
- ALSA: rme9652: use explicitly signed char (git-fixes).
- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
- ALSA: usb-audio: Fix potential memory leaks (git-fixes).
- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API (git-fixes).
- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe (git-fixes).
- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
- ASoC: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
- Bluetooth: L2CAP: Fix user-after-free (git-fixes).
- Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create() (git-fixes).
- Bluetooth: hci_core: Fix not handling link timeouts propertly (git-fixes).
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times (git-fixes).
- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
- HID: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
- HID: multitouch: Add memory barriers (git-fixes).
- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
- IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (git-fixes)
- IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes)
- IB/core: Only update PKEY and GID caches on respective events (git-fixes)
- IB/hfi1: Adjust pkey entry in index 0 (git-fixes)
- IB/hfi1: Fix abba locking issue with sc_disable() (git-fixes)
- IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs() (git-fixes)
- IB/mlx4: Add support for REJ due to timeout (git-fixes)
- IB/mlx4: Use port iterator and validation APIs (git-fixes)
- IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields (git-fixes)
- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)
- IB/srpt: Remove redundant assignment to ret (git-fixes)
- Input: i8042 - fix refount leak on sparc (git-fixes).
- Input: xpad - add supported devices as contributed on github (git-fixes).
- Input: xpad - fix wireless 360 controller breaking after suspend (git-fixes).
- KVM: nVMX: Unconditionally purge queued/injected events on nested 'exit' (git-fixes).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
- KVM: s390: VSIE: fix MVPG handling for prefixing and MSO (git-fixes).
- KVM: s390: clear kicked_mask before sleeping again (git-fixes).
- KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu (git-fixes).
- KVM: s390: pv: do not present the ecall interrupt twice (git-fixes).
- KVM: s390: split kvm_s390_real_to_abs (git-fixes).
- KVM: s390x: fix SCK locking (git-fixes).
- KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility (git-fixes).
- PCI: Dynamically map ECAM regions (bsc#1204382).
- PCI: Fix used_buses calculation in pci_scan_child_bus_extend() (git-fixes).
- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge (git-fixes).
- PM: domains: Fix handling of unavailable/disabled idle states (git-fixes).
- PM: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
- RDMA/bnxt_re: Add missing spin lock initialization (git-fixes)
- RDMA/bnxt_re: Fix query SRQ failure (git-fixes)
- RDMA/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)
- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests (git-fixes)
- RDMA/cma: Fix arguments order in net device validation (git-fixes)
- RDMA/core: Sanitize WQ state received from the userspace (git-fixes)
- RDMA/cxgb4: Remove MW support (git-fixes)
- RDMA/efa: Free IRQ vectors on error flow (git-fixes)
- RDMA/efa: Remove double QP type assignment (git-fixes)
- RDMA/efa: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/hfi1: Fix potential integer multiplication overflow errors (git-fixes)
- RDMA/hns: Remove unnecessary check for the sgid_attr when modifying QP (git-fixes)
- RDMA/i40iw: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/iwcm: Release resources if iw_cm module initialization fails (git-fixes)
- RDMA/mlx4: Return missed an error if device does not support steering (git-fixes)
- RDMA/mlx5: Add missing check for return value in get namespace flow (git-fixes)
- RDMA/mlx5: Block FDB rules when not in switchdev mode (git-fixes)
- RDMA/mlx5: Fix memory leak in error flow for subscribe event routine (git-fixes)
- RDMA/mlx5: Make mkeys always owned by the kernel's PD when not enabled (git-fixes)
- RDMA/mlx5: Set user priority for DCT (git-fixes)
- RDMA/mlx5: Use set_mkc_access_pd_addr_fields() in reg_create() (git-fixes)
- RDMA/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)
- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
- RDMA/qib: Remove superfluous fallthrough statements (git-fixes)
- RDMA/rtrs-srv: Pass the correct number of entries for dma mapped SGL (git-fixes)
- RDMA/rxe: Do not overwrite errno from ib_umem_get() (git-fixes)
- RDMA/rxe: Fix 'kernel NULL pointer dereference' error (git-fixes)
- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
- RDMA/rxe: Fix extra copies in build_rdma_network_hdr (git-fixes)
- RDMA/rxe: Fix extra copy in prepare_ack_packet (git-fixes)
- RDMA/rxe: Fix failure during driver load (git-fixes)
- RDMA/rxe: Fix over copying in get_srq_wqe (git-fixes)
- RDMA/rxe: Fix redundant call to ip_send_check (git-fixes)
- RDMA/rxe: Fix redundant skb_put_zero (git-fixes)
- RDMA/rxe: Fix rnr retry behavior (git-fixes)
- RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
- RDMA/rxe: Fix wrong port_cap_flags (git-fixes)
- RDMA/rxe: Generate a completion for unsupported/invalid opcode (git-fixes)
- RDMA/rxe: Remove unused pkt->offset (git-fixes)
- RDMA/rxe: Return CQE error if invalid lkey was supplied (git-fixes)
- RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string (git-fixes)
- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall. (git-fixes)
- RDMA/siw: Fix a condition race issue in MPA request processing (git-fixes)
- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event (git-fixes)
- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- RDMA: Verify port when creating flow rule (git-fixes)
- RDMA: remove useless condition in siw_create_cq() (git-fixes)
- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)
- Revert 'usb: storage: Add quirk for Samsung Fit flash' (git-fixes).
- Revert 'usb: storage: Add quirk for Samsung Fit flash' (git-fixes).
- USB: serial: console: move mutex_unlock() before usb_serial_put() (git-fixes).
- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455 (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455 (git-fixes).
- arm64: assembler: add cond_yield macro (git-fixes)
- ata: fix ata_id_has_devslp() (git-fixes).
- ata: fix ata_id_has_dipm() (git-fixes).
- ata: fix ata_id_has_ncq_autosense() (git-fixes).
- ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting() (git-fixes).
- ata: libahci_platform: Sanity check the DT child nodes number (git-fixes).
- can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
- can: kvaser_usb: Fix possible completions during init_completion (git-fixes).
- can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
- can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path (git-fixes).
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration (git-fixes).
- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent (git-fixes).
- clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents (git-fixes).
- clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
- clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe (git-fixes).
- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate (git-fixes).
- crypto: akcipher - default implementation for setting a private key (git-fixes).
- crypto: arm64/sha - fix function types (git-fixes)
- crypto: arm64/sha1-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha2-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha3-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha512-ce - simplify NEON yield (git-fixes)
- crypto: cavium - prevent integer overflow loading firmware (git-fixes).
- crypto: ccp - Release dma channels before dmaengine unrgister (git-fixes).
- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
- device property: Fix documentation for *_match_string() APIs (git-fixes).
- dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup() (git-fixes).
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure (git-fixes).
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property (git-fixes).
- docs: update mediator information in CoC docs (git-fixes).
- drivers: serial: jsm: fix some leaks in probe (git-fixes).
- drm/amdgpu: fix initial connector audio value (git-fixes).
- drm/bridge: Avoid uninitialized variable warning (git-fixes).
- drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
- drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
- drm/msm/dpu: Fix comment typo (git-fixes).
- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
- drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
- drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
- drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
- drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc() (git-fixes).
- drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() (git-fixes).
- drm/omap: dss: Fix refcount leak bugs (git-fixes).
- drm/scheduler: quieten kernel-doc warnings (git-fixes).
- drm/udl: Restore display mode on resume (git-fixes).
- drm: Prevent drm_copy_field() to attempt copying a NULL pointer (git-fixes).
- drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
- drm: bridge: adv7511: fix CEC power down control register offset (git-fixes).
- drm: fix drm_mipi_dbi build errors (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
- drm:pl111: Add of_node_put() when breaking out of for_each_available_child_of_node() (git-fixes).
- dyndbg: fix module.dyndbg handling (git-fixes).
- dyndbg: let query-modname override actual module name (git-fixes).
- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
- efi: libstub: drop pointless get_memory_map() call (git-fixes).
- exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1204053 bsc#1201725).
- fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
- firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
- firmware: google: Test spinlock on panic path to avoid lockups (git-fixes).
- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() (git-fixes).
- gpio: rockchip: request GPIO mux to pinctrl when setting direction (git-fixes).
- hid: hid-logitech-hidpp: avoid unnecessary assignments in hidpp_connect_event (git-fixes).
- hwmon/coretemp: Handle large core ID value (git-fixes).
- iio: ABI: Fix wrong format of differential capacitance channel ABI (git-fixes).
- iio: adc: ad7923: fix channel readings for some variants (git-fixes).
- iio: adc: at91-sama5d2_adc: check return status for pressure and touch (git-fixes).
- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
- iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq (git-fixes).
- iio: adc: mcp3911: use correct id bits (git-fixes).
- iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
- iio: inkern: only release the device node when done with it (git-fixes).
- iio: light: tsl2583: Fix module unloading (git-fixes).
- iio: pressure: dps310: Refactor startup procedure (git-fixes).
- iio: pressure: dps310: Reset chip after timeout (git-fixes).
- irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap (git-fixes).
- kABI: arm64/crypto/sha512 Preserve function signature (git-fixes).
- kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
- kbuild: remove the target in signal traps when interrupted (git-fixes).
- kbuild: sink stdout from cmd for silent build (git-fixes).
- kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21 (jsc#SLE-24559).
- kthread: Extract KTHREAD_IS_PER_CPU (bsc#1204753).
- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall (git-fixes).
- locking/csd_lock: Change csdlock_debug from early_param to __setup (git-fixes).
- mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
- mac802154: Fix LQI recording (git-fixes).
- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
- media: cedrus: Set the platform driver data earlier (git-fixes).
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
- media: v4l2-dv-timings: add sanity checks for blanking values (git-fixes).
- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' (git-fixes).
- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init (git-fixes).
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() (git-fixes).
- mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq() (git-fixes).
- mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_irq_init() and lp8788_irq_init() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
- mfd: sm501: Add check for platform_driver_register() (git-fixes).
- misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
- mm, memcg: avoid stale protection values when cgroup is above protection (bsc#1204754).
- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page (bsc#1204575).
- mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim (bsc#1204754).
- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
- mmc: core: Fix kernel panic when remove non-standard SDIO card (git-fixes).
- mmc: core: Replace with already defined values for readability (git-fixes).
- mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
- mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() (git-fixes).
- mtd: devices: docg3: check the return value of devm_ioremap() in the probe (git-fixes).
- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
- mtd: rawnand: marvell: Use correct logic for nand-keep-config (git-fixes).
- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct() (git-fixes).
- net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
- net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
- openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
- openvswitch: switch from WARN to pr_warn (git-fixes).
- phy: qualcomm: call clk_disable_unprepare in the error handling (git-fixes).
- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
- pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback (git-fixes).
- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
- pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback (git-fixes).
- platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading (git-fixes).
- platform/x86: msi-laptop: Fix old-ec check for backlight registering (git-fixes).
- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
- power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type() (git-fixes).
- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
- powerpc/fadump: align destination address to pagesize (bsc#1204728 ltc#200074).
- powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() (jsc#SLE-13847 git-fixes).
- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
- powerpc/mm: remove pmd_huge/pud_huge stubs and include hugetlb.h (bsc#1065729).
- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
- powerpc/powernv: add missing of_node_put() in opal_export_attrs() (bsc#1065729).
- powerpc/pseries: Interface to represent PAPR firmware attributes (bsc#1200465 ltc#197256 jsc#PED-1931).
- quota: widen timestamps for the fs_disk_quota structure (bsc#1203387).
- regulator: qcom_rpm: Fix circular deferral regression (git-fixes).
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register() (git-fixes).
- s390/hypfs: avoid error message under KVM (bsc#1032323).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).
- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() (git-fixes).
- scsi: mpt3sas: Fix return value check of dma_get_required_mask() (git-fixes).
- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
- selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465 ltc#197256 jsc#PED-1931).
- selftests/powerpc: Skip energy_scale_info test on older firmware (git-fixes).
- soc: qcom: smem_state: Add refcounting for the 'state->of_node' (git-fixes).
- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
- soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).
- spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe (git-fixes).
- spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume() (git-fixes).
- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
- staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() (git-fixes).
- staging: vt6655: fix potential memory leak (git-fixes).
- staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
- struct pci_config_window kABI workaround (bsc#1204382).
- thermal: intel_powerclamp: Use first online CPU as control_cpu (git-fixes).
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash (git-fixes).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown (git-fixes).
- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
- uas: ignore UAS for Thinkplus chips (git-fixes).
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: bdc: change state when port disconnected (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
- usb: gadget: function: fix dangling pnp_string in f_printer.c (git-fixes).
- usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() (git-fixes).
- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
- usb: mon: make mmapped memory read only (git-fixes).
- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
- watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure (git-fixes).
- wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() (git-fixes).
- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
- wifi: brcmfmac: fix invalid address access when enabling SCAN log level (git-fixes).
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() (git-fixes).
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue (other cases) (git-fixes).
- wifi: mac80211: allow bw change during channel switch in mesh (git-fixes).
- wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on fast-rx (git-fixes).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
- wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
- wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
- wifi: rt2x00: set SoC wmac clock register (git-fixes).
- wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).
- wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).
- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
- wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask (git-fixes).
- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).
- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() (git-fixes).
- xfs: add missing assert in xfs_fsmap_owner_from_rmap (git-fixes).
- xfs: enable big timestamps (bsc#1203387).
- xfs: enable new inode btree counters feature (bsc#1203387).
- xfs: explicitly define inode timestamp range (bsc#1203387).
- xfs: fix memory corruption during remote attr value buffer invalidation (git-fixes).
- xfs: fix s_maxbytes computation on 32-bit kernels (git-fixes).
- xfs: hoist out xfs_resizefs_init_new_ags() (git-fixes).
- xfs: move incore structures out of xfs_da_format.h (git-fixes).
- xfs: quota: move to time64_t interfaces (bsc#1203387).
- xfs: redefine xfs_ictimestamp_t (bsc#1203387).
- xfs: redefine xfs_timestamp_t (bsc#1203387).
- xfs: refactor remote attr value buffer invalidation (git-fixes).
- xfs: remove obsolete AGF counter debugging (git-fixes).
- xfs: rename `new' to `delta' in xfs_growfs_data_private() (git-fixes).
- xfs: reserve data and rt quota at the same time (bsc#1203496).
- xfs: slightly tweak an assert in xfs_fs_map_blocks (git-fixes).
- xfs: store inode btree block counts in AGI header (bsc#1203387).
- xfs: streamline xfs_attr3_leaf_inactive (git-fixes).
- xfs: use a struct timespec64 for the in-core crtime (bsc#1203387).
- xfs: use the finobt block counts to speed up mount times (bsc#1203387).
- xfs: widen ondisk inode timestamps to deal with y2038+ (bsc#1203387).
- xfs: widen ondisk quota expiration timestamps to handle y2038+ (bsc#1203387).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).
Patchnames
SUSE-2022-3929,SUSE-SLE-Module-RT-15-SP3-2022-3929,SUSE-SUSE-MicroOS-5.1-2022-3929,SUSE-SUSE-MicroOS-5.2-2022-3929,openSUSE-Leap-Micro-5.2-2022-3929
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15-SP3 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-2964, CVE-2022-28748: Fixed memory corruption issues in ax88179_178a devices (bnc#1202686 bsc#1196018).\n- CVE-2021-4037: Fixed function logic vulnerability that allowed local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set (bnc#1198702).\n- CVE-2022-2153: Fixed vulnerability in KVM that could allow an unprivileged local attacker on the host to cause DoS (bnc#1200788).\n- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6 handler (bnc#1204354).\n- CVE-2022-2978: Fixed use-after-free in the NILFS file system that could lead to local privilege escalation or DoS (bnc#1202700).\n- CVE-2022-3176: Fixed use-after-free in io_uring when using POLLFREE (bnc#1203391).\n- CVE-2022-3521: Fixed race condition in kcm_tx_work() in net/kcm/kcmsock.c (bnc#1204355).\n- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(), gru_fault() and gru_handle_user_call_os() that could lead to kernel panic (bsc#1204166).\n- CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).\n- CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).\n- CVE-2022-3545: Fixed use-after-free in area_cache_get() in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).\n- CVE-2022-3565: Fixed use-after-free in del_timer() in drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).\n- CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device driver that could lead to local privilege escalation or DoS (bnc#1204470).\n- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bnc#1204439).\n- CVE-2022-3594: Fixed excessive data logging in intr_callback() in drivers/net/usb/r8152.c (bnc#1204479).\n- CVE-2022-3621: Fixed null pointer dereference in nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).\n- CVE-2022-3625: Fixed use-after-free in devlink_param_set()/devlink_param_get() in net/core/devlink.c (bnc#1204637).\n- CVE-2022-3629: Fixed memory leak in vsock_connect() in net/vmw_vsock/af_vsock.c (bnc#1204635).\n- CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in net/bluetooth/l2cap_core.c (bnc#1204619).\n- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in fs/nilfs2/segment.c (bnc#1204646).\n- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in fs/nilfs2/inode.c (bnc#1204647).\n- CVE-2022-39189: Fixed a flaw in the x86 KVM subsystem that could allow unprivileged guest users to compromise the guest kernel via TLB flush operations on preempted vCPU (bnc#1203066).\n- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf anon_vma double reuse (bnc#1204168).\n- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space client to corrupt the monitor\u0027s internal memory (bnc#1204653).\n\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: do not add task_work to kernel thread to avoid memory leak (git-fixes).\n- ACPI: HMAT: Release platform device in case of platform_device_add_data() fails (git-fixes).\n- ACPI: extlog: Handle multiple records (git-fixes).\n- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).\n- ALSA: Use del_timer_sync() before freeing timer (git-fixes).\n- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() (git-fixes).\n- ALSA: aoa: Fix I2S device accounting (git-fixes).\n- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() (git-fixes).\n- ALSA: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).\n- ALSA: au88x0: use explicitly signed char (git-fixes).\n- ALSA: dmaengine: increment buffer pointer atomically (git-fixes).\n- ALSA: hda/hdmi: Do not skip notification handling during PM operation (git-fixes).\n- ALSA: hda/realtek: Add Intel Reference SSID to support headset keys (git-fixes).\n- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).\n- ALSA: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).\n- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 (git-fixes).\n- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).\n- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).\n- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).\n- ALSA: rme9652: use explicitly signed char (git-fixes).\n- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).\n- ALSA: usb-audio: Fix potential memory leaks (git-fixes).\n- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API (git-fixes).\n- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).\n- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe (git-fixes).\n- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).\n- ASoC: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).\n- ASoC: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).\n- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).\n- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).\n- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).\n- Bluetooth: L2CAP: Fix user-after-free (git-fixes).\n- Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create() (git-fixes).\n- Bluetooth: hci_core: Fix not handling link timeouts propertly (git-fixes).\n- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times (git-fixes).\n- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).\n- HID: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).\n- HID: multitouch: Add memory barriers (git-fixes).\n- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).\n- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).\n- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).\n- IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (git-fixes)\n- IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes)\n- IB/core: Only update PKEY and GID caches on respective events (git-fixes)\n- IB/hfi1: Adjust pkey entry in index 0 (git-fixes)\n- IB/hfi1: Fix abba locking issue with sc_disable() (git-fixes)\n- IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs() (git-fixes)\n- IB/mlx4: Add support for REJ due to timeout (git-fixes)\n- IB/mlx4: Use port iterator and validation APIs (git-fixes)\n- IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields (git-fixes)\n- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)\n- IB/srpt: Remove redundant assignment to ret (git-fixes)\n- Input: i8042 - fix refount leak on sparc (git-fixes).\n- Input: xpad - add supported devices as contributed on github (git-fixes).\n- Input: xpad - fix wireless 360 controller breaking after suspend (git-fixes).\n- KVM: nVMX: Unconditionally purge queued/injected events on nested \u0027exit\u0027 (git-fixes).\n- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).\n- KVM: s390: VSIE: fix MVPG handling for prefixing and MSO (git-fixes).\n- KVM: s390: clear kicked_mask before sleeping again (git-fixes).\n- KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu (git-fixes).\n- KVM: s390: pv: do not present the ecall interrupt twice (git-fixes).\n- KVM: s390: split kvm_s390_real_to_abs (git-fixes).\n- KVM: s390x: fix SCK locking (git-fixes).\n- KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility (git-fixes).\n- PCI: Dynamically map ECAM regions (bsc#1204382).\n- PCI: Fix used_buses calculation in pci_scan_child_bus_extend() (git-fixes).\n- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge (git-fixes).\n- PM: domains: Fix handling of unavailable/disabled idle states (git-fixes).\n- PM: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).\n- RDMA/bnxt_re: Add missing spin lock initialization (git-fixes)\n- RDMA/bnxt_re: Fix query SRQ failure (git-fixes)\n- RDMA/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)\n- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests (git-fixes)\n- RDMA/cma: Fix arguments order in net device validation (git-fixes)\n- RDMA/core: Sanitize WQ state received from the userspace (git-fixes)\n- RDMA/cxgb4: Remove MW support (git-fixes)\n- RDMA/efa: Free IRQ vectors on error flow (git-fixes)\n- RDMA/efa: Remove double QP type assignment (git-fixes)\n- RDMA/efa: Use ib_umem_num_dma_pages() (git-fixes)\n- RDMA/hfi1: Fix potential integer multiplication overflow errors (git-fixes)\n- RDMA/hns: Remove unnecessary check for the sgid_attr when modifying QP (git-fixes)\n- RDMA/i40iw: Use ib_umem_num_dma_pages() (git-fixes)\n- RDMA/iwcm: Release resources if iw_cm module initialization fails (git-fixes)\n- RDMA/mlx4: Return missed an error if device does not support steering (git-fixes)\n- RDMA/mlx5: Add missing check for return value in get namespace flow (git-fixes)\n- RDMA/mlx5: Block FDB rules when not in switchdev mode (git-fixes)\n- RDMA/mlx5: Fix memory leak in error flow for subscribe event routine (git-fixes)\n- RDMA/mlx5: Make mkeys always owned by the kernel\u0027s PD when not enabled (git-fixes)\n- RDMA/mlx5: Set user priority for DCT (git-fixes)\n- RDMA/mlx5: Use set_mkc_access_pd_addr_fields() in reg_create() (git-fixes)\n- RDMA/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)\n- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)\n- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)\n- RDMA/qib: Remove superfluous fallthrough statements (git-fixes)\n- RDMA/rtrs-srv: Pass the correct number of entries for dma mapped SGL (git-fixes)\n- RDMA/rxe: Do not overwrite errno from ib_umem_get() (git-fixes)\n- RDMA/rxe: Fix \u0027kernel NULL pointer dereference\u0027 error (git-fixes)\n- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)\n- RDMA/rxe: Fix extra copies in build_rdma_network_hdr (git-fixes)\n- RDMA/rxe: Fix extra copy in prepare_ack_packet (git-fixes)\n- RDMA/rxe: Fix failure during driver load (git-fixes)\n- RDMA/rxe: Fix over copying in get_srq_wqe (git-fixes)\n- RDMA/rxe: Fix redundant call to ip_send_check (git-fixes)\n- RDMA/rxe: Fix redundant skb_put_zero (git-fixes)\n- RDMA/rxe: Fix rnr retry behavior (git-fixes)\n- RDMA/rxe: Fix the error caused by qp-\u003esk (git-fixes)\n- RDMA/rxe: Fix wrong port_cap_flags (git-fixes)\n- RDMA/rxe: Generate a completion for unsupported/invalid opcode (git-fixes)\n- RDMA/rxe: Remove unused pkt-\u003eoffset (git-fixes)\n- RDMA/rxe: Return CQE error if invalid lkey was supplied (git-fixes)\n- RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string (git-fixes)\n- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall. (git-fixes)\n- RDMA/siw: Fix a condition race issue in MPA request processing (git-fixes)\n- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event (git-fixes)\n- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)\n- RDMA/usnic: fix set-but-not-unused variable \u0027flags\u0027 warning (git-fixes)\n- RDMA: Verify port when creating flow rule (git-fixes)\n- RDMA: remove useless condition in siw_create_cq() (git-fixes)\n- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)\n- Revert \u0027usb: storage: Add quirk for Samsung Fit flash\u0027 (git-fixes).\n- Revert \u0027usb: storage: Add quirk for Samsung Fit flash\u0027 (git-fixes).\n- USB: serial: console: move mutex_unlock() before usb_serial_put() (git-fixes).\n- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).\n- USB: serial: qcserial: add new usb-id for Dell branded EM7455 (git-fixes).\n- USB: serial: qcserial: add new usb-id for Dell branded EM7455 (git-fixes).\n- arm64: assembler: add cond_yield macro (git-fixes)\n- ata: fix ata_id_has_devslp() (git-fixes).\n- ata: fix ata_id_has_dipm() (git-fixes).\n- ata: fix ata_id_has_ncq_autosense() (git-fixes).\n- ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting() (git-fixes).\n- ata: libahci_platform: Sanity check the DT child nodes number (git-fixes).\n- can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).\n- can: kvaser_usb: Fix possible completions during init_completion (git-fixes).\n- can: kvaser_usb: Fix use of uninitialized completion (git-fixes).\n- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).\n- can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).\n- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path (git-fixes).\n- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).\n- clk: bcm2835: Make peripheral PLLC critical (git-fixes).\n- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration (git-fixes).\n- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).\n- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent (git-fixes).\n- clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).\n- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents (git-fixes).\n- clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).\n- clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).\n- clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).\n- clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).\n- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe (git-fixes).\n- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).\n- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate (git-fixes).\n- crypto: akcipher - default implementation for setting a private key (git-fixes).\n- crypto: arm64/sha - fix function types (git-fixes)\n- crypto: arm64/sha1-ce - simplify NEON yield (git-fixes)\n- crypto: arm64/sha2-ce - simplify NEON yield (git-fixes)\n- crypto: arm64/sha3-ce - simplify NEON yield (git-fixes)\n- crypto: arm64/sha512-ce - simplify NEON yield (git-fixes)\n- crypto: cavium - prevent integer overflow loading firmware (git-fixes).\n- crypto: ccp - Release dma channels before dmaengine unrgister (git-fixes).\n- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).\n- device property: Fix documentation for *_match_string() APIs (git-fixes).\n- dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup() (git-fixes).\n- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure (git-fixes).\n- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property (git-fixes).\n- docs: update mediator information in CoC docs (git-fixes).\n- drivers: serial: jsm: fix some leaks in probe (git-fixes).\n- drm/amdgpu: fix initial connector audio value (git-fixes).\n- drm/bridge: Avoid uninitialized variable warning (git-fixes).\n- drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).\n- drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).\n- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).\n- drm/mipi-dsi: Detach devices when removing the host (git-fixes).\n- drm/msm/dpu: Fix comment typo (git-fixes).\n- drm/msm/dpu: index dpu_kms-\u003ehw_vbif using vbif_idx (git-fixes).\n- drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).\n- drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).\n- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).\n- drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).\n- drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc() (git-fixes).\n- drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() (git-fixes).\n- drm/omap: dss: Fix refcount leak bugs (git-fixes).\n- drm/scheduler: quieten kernel-doc warnings (git-fixes).\n- drm/udl: Restore display mode on resume (git-fixes).\n- drm: Prevent drm_copy_field() to attempt copying a NULL pointer (git-fixes).\n- drm: Use size_t type for len variable in drm_copy_field() (git-fixes).\n- drm: bridge: adv7511: fix CEC power down control register offset (git-fixes).\n- drm: fix drm_mipi_dbi build errors (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).\n- drm:pl111: Add of_node_put() when breaking out of for_each_available_child_of_node() (git-fixes).\n- dyndbg: fix module.dyndbg handling (git-fixes).\n- dyndbg: let query-modname override actual module name (git-fixes).\n- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).\n- efi: libstub: drop pointless get_memory_map() call (git-fixes).\n- exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1204053 bsc#1201725).\n- fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).\n- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).\n- firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).\n- firmware: google: Test spinlock on panic path to avoid lockups (git-fixes).\n- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() (git-fixes).\n- gpio: rockchip: request GPIO mux to pinctrl when setting direction (git-fixes).\n- hid: hid-logitech-hidpp: avoid unnecessary assignments in hidpp_connect_event (git-fixes).\n- hwmon/coretemp: Handle large core ID value (git-fixes).\n- iio: ABI: Fix wrong format of differential capacitance channel ABI (git-fixes).\n- iio: adc: ad7923: fix channel readings for some variants (git-fixes).\n- iio: adc: at91-sama5d2_adc: check return status for pressure and touch (git-fixes).\n- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).\n- iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq (git-fixes).\n- iio: adc: mcp3911: use correct id bits (git-fixes).\n- iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).\n- iio: inkern: only release the device node when done with it (git-fixes).\n- iio: light: tsl2583: Fix module unloading (git-fixes).\n- iio: pressure: dps310: Refactor startup procedure (git-fixes).\n- iio: pressure: dps310: Reset chip after timeout (git-fixes).\n- irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap (git-fixes).\n- kABI: arm64/crypto/sha512 Preserve function signature (git-fixes).\n- kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).\n- kbuild: remove the target in signal traps when interrupted (git-fixes).\n- kbuild: sink stdout from cmd for silent build (git-fixes).\n- kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21 (jsc#SLE-24559).\n- kthread: Extract KTHREAD_IS_PER_CPU (bsc#1204753).\n- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall (git-fixes).\n- locking/csd_lock: Change csdlock_debug from early_param to __setup (git-fixes).\n- mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).\n- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).\n- mac802154: Fix LQI recording (git-fixes).\n- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).\n- media: cedrus: Set the platform driver data earlier (git-fixes).\n- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).\n- media: v4l2-dv-timings: add sanity checks for blanking values (git-fixes).\n- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check \u0027interlaced\u0027 (git-fixes).\n- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init (git-fixes).\n- memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).\n- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() (git-fixes).\n- mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq() (git-fixes).\n- mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe() (git-fixes).\n- mfd: lp8788: Fix an error handling path in lp8788_irq_init() and lp8788_irq_init() (git-fixes).\n- mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).\n- mfd: sm501: Add check for platform_driver_register() (git-fixes).\n- misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).\n- mm, memcg: avoid stale protection values when cgroup is above protection (bsc#1204754).\n- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page (bsc#1204575).\n- mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim (bsc#1204754).\n- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).\n- mmc: core: Fix kernel panic when remove non-standard SDIO card (git-fixes).\n- mmc: core: Replace with already defined values for readability (git-fixes).\n- mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).\n- mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).\n- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).\n- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() (git-fixes).\n- mtd: devices: docg3: check the return value of devm_ioremap() in the probe (git-fixes).\n- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).\n- mtd: rawnand: marvell: Use correct logic for nand-keep-config (git-fixes).\n- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct() (git-fixes).\n- net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).\n- net: ieee802154: return -EINVAL for unknown addr type (git-fixes).\n- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).\n- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).\n- openvswitch: Fix double reporting of drops in dropwatch (git-fixes).\n- openvswitch: Fix overreporting of drops in dropwatch (git-fixes).\n- openvswitch: switch from WARN to pr_warn (git-fixes).\n- phy: qualcomm: call clk_disable_unprepare in the error handling (git-fixes).\n- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).\n- pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback (git-fixes).\n- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).\n- pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback (git-fixes).\n- platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading (git-fixes).\n- platform/x86: msi-laptop: Fix old-ec check for backlight registering (git-fixes).\n- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).\n- power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type() (git-fixes).\n- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).\n- powerpc/fadump: align destination address to pagesize (bsc#1204728 ltc#200074).\n- powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() (jsc#SLE-13847 git-fixes).\n- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).\n- powerpc/mm: remove pmd_huge/pud_huge stubs and include hugetlb.h (bsc#1065729).\n- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).\n- powerpc/powernv: add missing of_node_put() in opal_export_attrs() (bsc#1065729).\n- powerpc/pseries: Interface to represent PAPR firmware attributes (bsc#1200465 ltc#197256 jsc#PED-1931).\n- quota: widen timestamps for the fs_disk_quota structure (bsc#1203387).\n- regulator: qcom_rpm: Fix circular deferral regression (git-fixes).\n- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).\n- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register() (git-fixes).\n- s390/hypfs: avoid error message under KVM (bsc#1032323).\n- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).\n- sbitmap: fix possible io hung due to lost wakeup (git-fixes).\n- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() (git-fixes).\n- scsi: mpt3sas: Fix return value check of dma_get_required_mask() (git-fixes).\n- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).\n- selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465 ltc#197256 jsc#PED-1931).\n- selftests/powerpc: Skip energy_scale_info test on older firmware (git-fixes).\n- soc: qcom: smem_state: Add refcounting for the \u0027state-\u003eof_node\u0027 (git-fixes).\n- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).\n- soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() (git-fixes).\n- spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe (git-fixes).\n- spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).\n- spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime() (git-fixes).\n- spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume() (git-fixes).\n- spi: s3c64xx: Fix large transfers with DMA (git-fixes).\n- staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() (git-fixes).\n- staging: vt6655: fix potential memory leak (git-fixes).\n- staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).\n- struct pci_config_window kABI workaround (bsc#1204382).\n- thermal: intel_powerclamp: Use first online CPU as control_cpu (git-fixes).\n- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash (git-fixes).\n- tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown (git-fixes).\n- tty: xilinx_uartps: Fix the ignore_status (git-fixes).\n- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).\n- uas: ignore UAS for Thinkplus chips (git-fixes).\n- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).\n- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).\n- usb: bdc: change state when port disconnected (git-fixes).\n- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).\n- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).\n- usb: gadget: function: fix dangling pnp_string in f_printer.c (git-fixes).\n- usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() (git-fixes).\n- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).\n- usb: mon: make mmapped memory read only (git-fixes).\n- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).\n- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).\n- watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).\n- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure (git-fixes).\n- wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() (git-fixes).\n- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).\n- wifi: brcmfmac: fix invalid address access when enabling SCAN log level (git-fixes).\n- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() (git-fixes).\n- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).\n- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue (other cases) (git-fixes).\n- wifi: mac80211: allow bw change during channel switch in mesh (git-fixes).\n- wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on fast-rx (git-fixes).\n- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).\n- wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).\n- wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).\n- wifi: rt2x00: set SoC wmac clock register (git-fixes).\n- wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).\n- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).\n- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).\n- wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).\n- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).\n- wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask (git-fixes).\n- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).\n- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() (git-fixes).\n- xfs: add missing assert in xfs_fsmap_owner_from_rmap (git-fixes).\n- xfs: enable big timestamps (bsc#1203387).\n- xfs: enable new inode btree counters feature (bsc#1203387).\n- xfs: explicitly define inode timestamp range (bsc#1203387).\n- xfs: fix memory corruption during remote attr value buffer invalidation (git-fixes).\n- xfs: fix s_maxbytes computation on 32-bit kernels (git-fixes).\n- xfs: hoist out xfs_resizefs_init_new_ags() (git-fixes).\n- xfs: move incore structures out of xfs_da_format.h (git-fixes).\n- xfs: quota: move to time64_t interfaces (bsc#1203387).\n- xfs: redefine xfs_ictimestamp_t (bsc#1203387).\n- xfs: redefine xfs_timestamp_t (bsc#1203387).\n- xfs: refactor remote attr value buffer invalidation (git-fixes).\n- xfs: remove obsolete AGF counter debugging (git-fixes).\n- xfs: rename `new\u0027 to `delta\u0027 in xfs_growfs_data_private() (git-fixes).\n- xfs: reserve data and rt quota at the same time (bsc#1203496).\n- xfs: slightly tweak an assert in xfs_fs_map_blocks (git-fixes).\n- xfs: store inode btree block counts in AGI header (bsc#1203387).\n- xfs: streamline xfs_attr3_leaf_inactive (git-fixes).\n- xfs: use a struct timespec64 for the in-core crtime (bsc#1203387).\n- xfs: use the finobt block counts to speed up mount times (bsc#1203387).\n- xfs: widen ondisk inode timestamps to deal with y2038+ (bsc#1203387).\n- xfs: widen ondisk quota expiration timestamps to handle y2038+ (bsc#1203387).\n- xhci: Do not show warning for reinit on known broken suspend (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3929,SUSE-SLE-Module-RT-15-SP3-2022-3929,SUSE-SUSE-MicroOS-5.1-2022-3929,SUSE-SUSE-MicroOS-5.2-2022-3929,openSUSE-Leap-Micro-5.2-2022-3929",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3929-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3929-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223929-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3929-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/012867.html"
},
{
"category": "self",
"summary": "SUSE Bug 1032323",
"url": "https://bugzilla.suse.com/1032323"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1196018",
"url": "https://bugzilla.suse.com/1196018"
},
{
"category": "self",
"summary": "SUSE Bug 1198702",
"url": "https://bugzilla.suse.com/1198702"
},
{
"category": "self",
"summary": "SUSE Bug 1200465",
"url": "https://bugzilla.suse.com/1200465"
},
{
"category": "self",
"summary": "SUSE Bug 1200788",
"url": "https://bugzilla.suse.com/1200788"
},
{
"category": "self",
"summary": "SUSE Bug 1201725",
"url": "https://bugzilla.suse.com/1201725"
},
{
"category": "self",
"summary": "SUSE Bug 1202686",
"url": "https://bugzilla.suse.com/1202686"
},
{
"category": "self",
"summary": "SUSE Bug 1202700",
"url": "https://bugzilla.suse.com/1202700"
},
{
"category": "self",
"summary": "SUSE Bug 1203066",
"url": "https://bugzilla.suse.com/1203066"
},
{
"category": "self",
"summary": "SUSE Bug 1203098",
"url": "https://bugzilla.suse.com/1203098"
},
{
"category": "self",
"summary": "SUSE Bug 1203387",
"url": "https://bugzilla.suse.com/1203387"
},
{
"category": "self",
"summary": "SUSE Bug 1203391",
"url": "https://bugzilla.suse.com/1203391"
},
{
"category": "self",
"summary": "SUSE Bug 1203496",
"url": "https://bugzilla.suse.com/1203496"
},
{
"category": "self",
"summary": "SUSE Bug 1204053",
"url": "https://bugzilla.suse.com/1204053"
},
{
"category": "self",
"summary": "SUSE Bug 1204166",
"url": "https://bugzilla.suse.com/1204166"
},
{
"category": "self",
"summary": "SUSE Bug 1204168",
"url": "https://bugzilla.suse.com/1204168"
},
{
"category": "self",
"summary": "SUSE Bug 1204354",
"url": "https://bugzilla.suse.com/1204354"
},
{
"category": "self",
"summary": "SUSE Bug 1204355",
"url": "https://bugzilla.suse.com/1204355"
},
{
"category": "self",
"summary": "SUSE Bug 1204382",
"url": "https://bugzilla.suse.com/1204382"
},
{
"category": "self",
"summary": "SUSE Bug 1204402",
"url": "https://bugzilla.suse.com/1204402"
},
{
"category": "self",
"summary": "SUSE Bug 1204415",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "self",
"summary": "SUSE Bug 1204417",
"url": "https://bugzilla.suse.com/1204417"
},
{
"category": "self",
"summary": "SUSE Bug 1204431",
"url": "https://bugzilla.suse.com/1204431"
},
{
"category": "self",
"summary": "SUSE Bug 1204439",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "self",
"summary": "SUSE Bug 1204470",
"url": "https://bugzilla.suse.com/1204470"
},
{
"category": "self",
"summary": "SUSE Bug 1204479",
"url": "https://bugzilla.suse.com/1204479"
},
{
"category": "self",
"summary": "SUSE Bug 1204574",
"url": "https://bugzilla.suse.com/1204574"
},
{
"category": "self",
"summary": "SUSE Bug 1204575",
"url": "https://bugzilla.suse.com/1204575"
},
{
"category": "self",
"summary": "SUSE Bug 1204619",
"url": "https://bugzilla.suse.com/1204619"
},
{
"category": "self",
"summary": "SUSE Bug 1204635",
"url": "https://bugzilla.suse.com/1204635"
},
{
"category": "self",
"summary": "SUSE Bug 1204637",
"url": "https://bugzilla.suse.com/1204637"
},
{
"category": "self",
"summary": "SUSE Bug 1204646",
"url": "https://bugzilla.suse.com/1204646"
},
{
"category": "self",
"summary": "SUSE Bug 1204647",
"url": "https://bugzilla.suse.com/1204647"
},
{
"category": "self",
"summary": "SUSE Bug 1204653",
"url": "https://bugzilla.suse.com/1204653"
},
{
"category": "self",
"summary": "SUSE Bug 1204728",
"url": "https://bugzilla.suse.com/1204728"
},
{
"category": "self",
"summary": "SUSE Bug 1204753",
"url": "https://bugzilla.suse.com/1204753"
},
{
"category": "self",
"summary": "SUSE Bug 1204754",
"url": "https://bugzilla.suse.com/1204754"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4037 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2153 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28748 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2964 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2978 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3176 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3424 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3521 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3524 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3535 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3542 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3565 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3577 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3594 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3621 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3625 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3629 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3640 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3646 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3649 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3649/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39189 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-42703 page",
"url": "https://www.suse.com/security/cve/CVE-2022-42703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43750 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43750/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2022-11-10T09:20:54Z",
"generator": {
"date": "2022-11-10T09:20:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3929-1",
"initial_release_date": "2022-11-10T09:20:54Z",
"revision_history": [
{
"date": "2022-11-10T09:20:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-150300.109.1.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-150300.109.1.noarch",
"product_id": "kernel-devel-rt-5.3.18-150300.109.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-150300.109.1.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-150300.109.1.noarch",
"product_id": "kernel-source-rt-5.3.18-150300.109.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt-devel-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt-extra-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt-optional-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt_debug-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-optional-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-rt_debug-optional-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-rt_debug-optional-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"product_id": "kernel-syms-rt-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-150300.109.1.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-150300.109.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-150300.109.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-150300.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-150300.109.1.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-150300.109.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP3",
"product": {
"name": "SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap Micro 5.2",
"product": {
"name": "openSUSE Leap Micro 5.2",
"product_id": "openSUSE Leap Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap-micro:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.3.18-150300.109.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64"
},
"product_reference": "dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.3.18-150300.109.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.3.18-150300.109.1.noarch as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch"
},
"product_reference": "kernel-devel-rt-5.3.18-150300.109.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.109.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.3.18-150300.109.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64"
},
"product_reference": "kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-150300.109.1.noarch as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-150300.109.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.3.18-150300.109.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64"
},
"product_reference": "kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64 as component of SUSE Real Time Module 15 SP3",
"product_id": "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.109.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.109.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-150300.109.1.x86_64 as component of openSUSE Leap Micro 5.2",
"product_id": "openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
},
"product_reference": "kernel-rt-5.3.18-150300.109.1.x86_64",
"relates_to_product_reference": "openSUSE Leap Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4037"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4037",
"url": "https://www.suse.com/security/cve/CVE-2021-4037"
},
{
"category": "external",
"summary": "SUSE Bug 1198702 for CVE-2021-4037",
"url": "https://bugzilla.suse.com/1198702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2021-4037"
},
{
"cve": "CVE-2022-2153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2153"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2153",
"url": "https://www.suse.com/security/cve/CVE-2022-2153"
},
{
"category": "external",
"summary": "SUSE Bug 1200788 for CVE-2022-2153",
"url": "https://bugzilla.suse.com/1200788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-2153"
},
{
"cve": "CVE-2022-28748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28748"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2964. Reason: This candidate is a reservation duplicate of CVE-2022-2964. Notes: All CVE users should reference CVE-2022-2964 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28748",
"url": "https://www.suse.com/security/cve/CVE-2022-28748"
},
{
"category": "external",
"summary": "SUSE Bug 1196018 for CVE-2022-28748",
"url": "https://bugzilla.suse.com/1196018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-28748"
},
{
"cve": "CVE-2022-2964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2964"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2964",
"url": "https://www.suse.com/security/cve/CVE-2022-2964"
},
{
"category": "external",
"summary": "SUSE Bug 1202686 for CVE-2022-2964",
"url": "https://bugzilla.suse.com/1202686"
},
{
"category": "external",
"summary": "SUSE Bug 1203008 for CVE-2022-2964",
"url": "https://bugzilla.suse.com/1203008"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-2964",
"url": "https://bugzilla.suse.com/1208044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-2964"
},
{
"cve": "CVE-2022-2978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2978"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2978",
"url": "https://www.suse.com/security/cve/CVE-2022-2978"
},
{
"category": "external",
"summary": "SUSE Bug 1202700 for CVE-2022-2978",
"url": "https://bugzilla.suse.com/1202700"
},
{
"category": "external",
"summary": "SUSE Bug 1204745 for CVE-2022-2978",
"url": "https://bugzilla.suse.com/1204745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-2978"
},
{
"cve": "CVE-2022-3176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3176"
}
],
"notes": [
{
"category": "general",
"text": "There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn\u0027t handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3176",
"url": "https://www.suse.com/security/cve/CVE-2022-3176"
},
{
"category": "external",
"summary": "SUSE Bug 1203391 for CVE-2022-3176",
"url": "https://bugzilla.suse.com/1203391"
},
{
"category": "external",
"summary": "SUSE Bug 1203511 for CVE-2022-3176",
"url": "https://bugzilla.suse.com/1203511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-3176"
},
{
"cve": "CVE-2022-3424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3424"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3424",
"url": "https://www.suse.com/security/cve/CVE-2022-3424"
},
{
"category": "external",
"summary": "SUSE Bug 1204166 for CVE-2022-3424",
"url": "https://bugzilla.suse.com/1204166"
},
{
"category": "external",
"summary": "SUSE Bug 1204167 for CVE-2022-3424",
"url": "https://bugzilla.suse.com/1204167"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3424",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1212309 for CVE-2022-3424",
"url": "https://bugzilla.suse.com/1212309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-3424"
},
{
"cve": "CVE-2022-3521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3521"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3521",
"url": "https://www.suse.com/security/cve/CVE-2022-3521"
},
{
"category": "external",
"summary": "SUSE Bug 1204355 for CVE-2022-3521",
"url": "https://bugzilla.suse.com/1204355"
},
{
"category": "external",
"summary": "SUSE Bug 1217458 for CVE-2022-3521",
"url": "https://bugzilla.suse.com/1217458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-3521"
},
{
"cve": "CVE-2022-3524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3524"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3524",
"url": "https://www.suse.com/security/cve/CVE-2022-3524"
},
{
"category": "external",
"summary": "SUSE Bug 1204354 for CVE-2022-3524",
"url": "https://bugzilla.suse.com/1204354"
},
{
"category": "external",
"summary": "SUSE Bug 1212320 for CVE-2022-3524",
"url": "https://bugzilla.suse.com/1212320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-3524"
},
{
"cve": "CVE-2022-3535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3535"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3535",
"url": "https://www.suse.com/security/cve/CVE-2022-3535"
},
{
"category": "external",
"summary": "SUSE Bug 1204417 for CVE-2022-3535",
"url": "https://bugzilla.suse.com/1204417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-3535"
},
{
"cve": "CVE-2022-3542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3542"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3542",
"url": "https://www.suse.com/security/cve/CVE-2022-3542"
},
{
"category": "external",
"summary": "SUSE Bug 1204402 for CVE-2022-3542",
"url": "https://bugzilla.suse.com/1204402"
},
{
"category": "external",
"summary": "SUSE Bug 1217458 for CVE-2022-3542",
"url": "https://bugzilla.suse.com/1217458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-3542"
},
{
"cve": "CVE-2022-3545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3545"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3545",
"url": "https://www.suse.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "SUSE Bug 1204415 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204415"
},
{
"category": "external",
"summary": "SUSE Bug 1204424 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1204424"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2022-3545",
"url": "https://bugzilla.suse.com/1217531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3565"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3565",
"url": "https://www.suse.com/security/cve/CVE-2022-3565"
},
{
"category": "external",
"summary": "SUSE Bug 1204431 for CVE-2022-3565",
"url": "https://bugzilla.suse.com/1204431"
},
{
"category": "external",
"summary": "SUSE Bug 1204432 for CVE-2022-3565",
"url": "https://bugzilla.suse.com/1204432"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3565",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1212323 for CVE-2022-3565",
"url": "https://bugzilla.suse.com/1212323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-3565"
},
{
"cve": "CVE-2022-3577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3577"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3577",
"url": "https://www.suse.com/security/cve/CVE-2022-3577"
},
{
"category": "external",
"summary": "SUSE Bug 1204470 for CVE-2022-3577",
"url": "https://bugzilla.suse.com/1204470"
},
{
"category": "external",
"summary": "SUSE Bug 1204486 for CVE-2022-3577",
"url": "https://bugzilla.suse.com/1204486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-3577"
},
{
"cve": "CVE-2022-3586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3586"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3586",
"url": "https://www.suse.com/security/cve/CVE-2022-3586"
},
{
"category": "external",
"summary": "SUSE Bug 1204439 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204439"
},
{
"category": "external",
"summary": "SUSE Bug 1204576 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1204576"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212294 for CVE-2022-3586",
"url": "https://bugzilla.suse.com/1212294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-3586"
},
{
"cve": "CVE-2022-3594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3594"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3594",
"url": "https://www.suse.com/security/cve/CVE-2022-3594"
},
{
"category": "external",
"summary": "SUSE Bug 1204479 for CVE-2022-3594",
"url": "https://bugzilla.suse.com/1204479"
},
{
"category": "external",
"summary": "SUSE Bug 1217458 for CVE-2022-3594",
"url": "https://bugzilla.suse.com/1217458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-3594"
},
{
"cve": "CVE-2022-3621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3621"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3621",
"url": "https://www.suse.com/security/cve/CVE-2022-3621"
},
{
"category": "external",
"summary": "SUSE Bug 1204574 for CVE-2022-3621",
"url": "https://bugzilla.suse.com/1204574"
},
{
"category": "external",
"summary": "SUSE Bug 1212295 for CVE-2022-3621",
"url": "https://bugzilla.suse.com/1212295"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-3621"
},
{
"cve": "CVE-2022-3625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3625"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3625",
"url": "https://www.suse.com/security/cve/CVE-2022-3625"
},
{
"category": "external",
"summary": "SUSE Bug 1204637 for CVE-2022-3625",
"url": "https://bugzilla.suse.com/1204637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-3625"
},
{
"cve": "CVE-2022-3629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3629"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3629",
"url": "https://www.suse.com/security/cve/CVE-2022-3629"
},
{
"category": "external",
"summary": "SUSE Bug 1204635 for CVE-2022-3629",
"url": "https://bugzilla.suse.com/1204635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-3629"
},
{
"cve": "CVE-2022-3640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3640"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3640",
"url": "https://www.suse.com/security/cve/CVE-2022-3640"
},
{
"category": "external",
"summary": "SUSE Bug 1204619 for CVE-2022-3640",
"url": "https://bugzilla.suse.com/1204619"
},
{
"category": "external",
"summary": "SUSE Bug 1204624 for CVE-2022-3640",
"url": "https://bugzilla.suse.com/1204624"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-3640",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-3640"
},
{
"cve": "CVE-2022-3646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3646"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3646",
"url": "https://www.suse.com/security/cve/CVE-2022-3646"
},
{
"category": "external",
"summary": "SUSE Bug 1204646 for CVE-2022-3646",
"url": "https://bugzilla.suse.com/1204646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "low"
}
],
"title": "CVE-2022-3646"
},
{
"cve": "CVE-2022-3649",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3649"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3649",
"url": "https://www.suse.com/security/cve/CVE-2022-3649"
},
{
"category": "external",
"summary": "SUSE Bug 1204647 for CVE-2022-3649",
"url": "https://bugzilla.suse.com/1204647"
},
{
"category": "external",
"summary": "SUSE Bug 1212318 for CVE-2022-3649",
"url": "https://bugzilla.suse.com/1212318"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "low"
}
],
"title": "CVE-2022-3649"
},
{
"cve": "CVE-2022-39189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39189"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39189",
"url": "https://www.suse.com/security/cve/CVE-2022-39189"
},
{
"category": "external",
"summary": "SUSE Bug 1203066 for CVE-2022-39189",
"url": "https://bugzilla.suse.com/1203066"
},
{
"category": "external",
"summary": "SUSE Bug 1203067 for CVE-2022-39189",
"url": "https://bugzilla.suse.com/1203067"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-39189",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-39189"
},
{
"cve": "CVE-2022-42703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-42703"
}
],
"notes": [
{
"category": "general",
"text": "mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-42703",
"url": "https://www.suse.com/security/cve/CVE-2022-42703"
},
{
"category": "external",
"summary": "SUSE Bug 1202096 for CVE-2022-42703",
"url": "https://bugzilla.suse.com/1202096"
},
{
"category": "external",
"summary": "SUSE Bug 1204168 for CVE-2022-42703",
"url": "https://bugzilla.suse.com/1204168"
},
{
"category": "external",
"summary": "SUSE Bug 1204170 for CVE-2022-42703",
"url": "https://bugzilla.suse.com/1204170"
},
{
"category": "external",
"summary": "SUSE Bug 1206463 for CVE-2022-42703",
"url": "https://bugzilla.suse.com/1206463"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-42703",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-42703",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "important"
}
],
"title": "CVE-2022-42703"
},
{
"cve": "CVE-2022-43750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43750"
}
],
"notes": [
{
"category": "general",
"text": "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor\u0027s internal memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43750",
"url": "https://www.suse.com/security/cve/CVE-2022-43750"
},
{
"category": "external",
"summary": "SUSE Bug 1204653 for CVE-2022-43750",
"url": "https://bugzilla.suse.com/1204653"
},
{
"category": "external",
"summary": "SUSE Bug 1211484 for CVE-2022-43750",
"url": "https://bugzilla.suse.com/1211484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.109.1.noarch",
"SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.109.1.x86_64",
"SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.109.1.x86_64",
"openSUSE Leap Micro 5.2:kernel-rt-5.3.18-150300.109.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-11-10T09:20:54Z",
"details": "moderate"
}
],
"title": "CVE-2022-43750"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…