suse-su-2023:0747-1
Vulnerability from csaf_suse
Published
2023-03-15 15:56
Modified
2023-03-15 15:56
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).
- CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).
- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)
- CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm (bsc#1207845).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
The following non-security bugs were fixed:
- block: bio-integrity: Copy flags when bio_integrity_payload is cloned (bsc#1208541).
- bonding: fix 802.3ad state sent to partner when unbinding slave (git-fixes).
- cpu/hotplug: Fix 'SMT disabled by BIOS' detection for KVM (git-fixes).
- do not dump the threads that had been already exiting when zapped (git-fixes).
- do not sign the vanilla kernel (bsc#1209008).
- gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() (git-fixes).
- icmp: do not fail on fragment reassembly time exceeded (git-fixes).
- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module (git-fixes).
- ipmi: Move remove_work to dedicated workqueue (git-fixes).
- ipmi: fix initialization when workqueue allocation fails (git-fixes).
- ipmi: fix memleak when unload ipmi driver (git-fixes).
- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).
- ipmi: msghandler: Make symbol 'remove_work_wq' static (git-fixes).
- kABI: cpu/hotplug: reexport cpu_smt_control (kabi).
- kabi fix for - SUNRPC: Fix priority queue fairness (git-fixes).
- kabi fix for: NFS: Pass error information to the pgio error cleanup routine (git-fixes).
- kabi/severities: add l2tp local symbols
- kbuild: clear LDFLAGS in the top Makefile (bsc#1203200).
- kernel-module-subpackage: Fix expansion with -b parameter (bsc#1208179). When -b is specified the script is prefixed with KMP_NEEDS_MKINITRD=1 which sets the variable for a simple command. However, the script is no longer a simple command. Export the variable instead.
- kernel/sys.c: avoid copying possible padding bytes in copy_to_user (git-fixes).
- makefile: link with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
- media: coda: Add check for dcoda_iram_alloc (git-fixes).
- media: coda: Add check for kmalloc (git-fixes).
- media: platform: ti: Add missing check for devm_regulator_get (git-fixes).
- net/ethernet/freescale: rework quiesce/activate for ucc_geth (git-fixes).
- net/mlx5e: Set of completion request bit should not clear other adjacent bits (git-fixes).
- net/usb: kalmia: Do not pass act_len in usb_bulk_msg error path (git-fixes).
- net: USB: Fix wrong-direction WARNING in plusb.c (git-fixes).
- net: allwinner: Fix use correct return type for ndo_start_xmit() (git-fixes).
- net: aquantia: fix RSS table and key sizes (git-fixes).
- net: bcmgenet: suppress warnings on failed Rx SKB allocations (git-fixes).
- net: bmac: Fix read of MAC address from ROM (git-fixes).
- net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans (git-fixes).
- net: qed*: Reduce RX and TX default ring count when running inside kdump kernel (git-fixes).
- net: stmmac: Fix sub-second increment (git-fixes).
- net: systemport: suppress warnings on failed Rx SKB allocations (git-fixes).
- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).
- net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 (git-fixes).
- net: usb: lan78xx: do not modify phy_device state concurrently (git-fixes).
- net: usb: qmi_wwan: Add support for Dell DW5829e (git-fixes).
- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
- net: usb: sr9700: Handle negative len (git-fixes).
- netfilter: ipvs: Fix inappropriate output of procfs (git-fixes).
- netfilter: xt_connlimit: do not store address in the conn nodes (git-fixes).
- nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request (git-fixes).
- nfs: Pass error information to the pgio error cleanup routine (git-fixes).
- nfsd: fix handling of readdir in v4root vs. mount upcall timeout (git-fixes).
- nfsd: fix race to check ls_layouts (git-fixes).
- nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure (git-fixes).
- ocfs2: Fix data corruption after failed write (bsc#1208542).
- pNFS/filelayout: Fix coalescing test for single DS (git-fixes).
- panic: unset panic_on_warn inside panic() (git-fixes).
- powerpc/eeh: Fix use-after-release of EEH driver (bsc#1065729).
- powerpc/fscr: Enable interrupts earlier before calling get_user() (bsc#1065729).
- powerpc/powernv: Fix build error in opal-imc.c when NUMA=n (bsc#1065729).
- powerpc/powernv: IMC fix out of bounds memory access at shutdown (bsc#1065729).
- prlimit: do_prlimit needs to have a speculation check (git-fixes).
- ptrace: make ptrace() fail if the tracee changed its pid unexpectedly (git-fixes).
- scsi: qla2xxx: Add option to disable FC2 Target support (bsc#1198438 bsc#1206103).
- scsi: qla2xxx: Check if port is online before sending ELS (bsc#1208570).
- scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests (bsc#1208570).
- scsi: qla2xxx: Fix IOCB resource check warning (bsc#1208570).
- scsi: qla2xxx: Fix erroneous link down (bsc#1208570).
- scsi: qla2xxx: Fix exchange oversubscription (bsc#1208570).
- scsi: qla2xxx: Fix exchange oversubscription for management commands (bsc#1208570).
- scsi: qla2xxx: Fix link failure in NPIV environment (bsc#1208570).
- scsi: qla2xxx: Fix printk() format string (bsc#1208570).
- scsi: qla2xxx: Fix stalled login (bsc#1208570).
- scsi: qla2xxx: Make qla_trim_buf() and __qla_adjust_buf() static (bsc#1208570).
- scsi: qla2xxx: Relocate/rename vp map (bsc#1208570).
- scsi: qla2xxx: Remove dead code (GNN ID) (bsc#1208570).
- scsi: qla2xxx: Remove dead code (GPNID) (bsc#1208570).
- scsi: qla2xxx: Remove dead code (bsc#1208570).
- scsi: qla2xxx: Remove increment of interface err cnt (bsc#1208570).
- scsi: qla2xxx: Remove the unused variable wwn (bsc#1208570).
- scsi: qla2xxx: Remove unintended flag clearing (bsc#1208570).
- scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets called (bsc#1208570).
- scsi: qla2xxx: Simplify if condition evaluation (bsc#1208570).
- scsi: qla2xxx: Update version to 10.02.08.100-k (bsc#1208570).
- scsi: qla2xxx: Update version to 10.02.08.200-k (bsc#1208570).
- scsi: qla2xxx: Use a variable for repeated mem_size computation (bsc#1208570).
- scsi: qla2xxx: edif: Fix clang warning (bsc#1208570).
- scsi: qla2xxx: edif: Fix performance dip due to lock contention (bsc#1208570).
- scsi: qla2xxx: edif: Fix stall session after app start (bsc#1208570).
- scsi: qla2xxx: edif: Reduce memory usage during low I/O (bsc#1208570).
- signal handling: do not use BUG_ON() for debugging (git-fixes).
- sunrpc: Fix priority queue fairness (git-fixes).
- sunrpc: ensure the matching upcall is in-flight upon downcall (git-fixes).
- sunrpc: make lockless test safe (bsc#1207201).
- usb: dwc3: fix PHY disable sequence (git-fixes).
- usb: dwc3: gadget: Fix event pending check (git-fixes).
- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).
- usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (git-fixes).
- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).
- usb: serial: ch341: fix disabled rx timer on older devices (git-fixes).
- usb: serial: console: move mutex_unlock() before usb_serial_put() (git-fixes).
- vlan: Fix out of order vlan headers with reorder header off (git-fixes).
- vlan: Fix vlan insertion for packets without ethernet header (git-fixes).
- vxlan: Fix error path in __vxlan_dev_create() (git-fixes).
- vxlan: changelink: Fix handling of default remotes (git-fixes).
- x86/mce: Fix -Wmissing-prototypes warnings (git-fixes).
- x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
- xfrm: Copy policy family in clone_policy (git-fixes).
- xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init (git-fixes).
- xfs: Fix bulkstat compat ioctls on x32 userspace (git-fixes).
- xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init() (git-fixes).
- xfs: fix attr leaf header freemap.size underflow (git-fixes).
- xfs: fix leaks on corruption errors in xfs_bmap.c (git-fixes).
- xfs: fix mount failure crash on invalid iclog memory access (git-fixes).
- xfs: fix partially uninitialized structure in xfs_reflink_remap_extent (git-fixes).
- xfs: fix realtime bitmap/summary file truncation when growing rt volume (git-fixes).
- xfs: fix use-after-free race in xfs_buf_rele (git-fixes).
- xfs: initialize the shortform attr header padding entry (git-fixes).
- xfs: make sure the rt allocator does not run off the end (git-fixes).
- xfs: require both realtime inodes to mount (git-fixes).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).
Patchnames
SUSE-2023-747,SUSE-SLE-RT-12-SP5-2023-747
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.\n\n- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).\n- CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).\n- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)\n- CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm (bsc#1207845).\n- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).\n- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).\n- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).\n\nThe following non-security bugs were fixed:\n\n- block: bio-integrity: Copy flags when bio_integrity_payload is cloned (bsc#1208541).\n- bonding: fix 802.3ad state sent to partner when unbinding slave (git-fixes).\n- cpu/hotplug: Fix \u0027SMT disabled by BIOS\u0027 detection for KVM (git-fixes).\n- do not dump the threads that had been already exiting when zapped (git-fixes).\n- do not sign the vanilla kernel (bsc#1209008).\n- gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() (git-fixes).\n- icmp: do not fail on fragment reassembly time exceeded (git-fixes).\n- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module (git-fixes).\n- ipmi: Move remove_work to dedicated workqueue (git-fixes).\n- ipmi: fix initialization when workqueue allocation fails (git-fixes).\n- ipmi: fix memleak when unload ipmi driver (git-fixes).\n- ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).\n- ipmi: msghandler: Make symbol \u0027remove_work_wq\u0027 static (git-fixes).\n- kABI: cpu/hotplug: reexport cpu_smt_control (kabi).\n- kabi fix for - SUNRPC: Fix priority queue fairness (git-fixes).\n- kabi fix for: NFS: Pass error information to the pgio error cleanup routine (git-fixes).\n- kabi/severities: add l2tp local symbols\n- kbuild: clear LDFLAGS in the top Makefile (bsc#1203200).\n- kernel-module-subpackage: Fix expansion with -b parameter (bsc#1208179). When -b is specified the script is prefixed with KMP_NEEDS_MKINITRD=1 which sets the variable for a simple command. However, the script is no longer a simple command. Export the variable instead.\n- kernel/sys.c: avoid copying possible padding bytes in copy_to_user (git-fixes).\n- makefile: link with -z noexecstack --no-warn-rwx-segments (bsc#1203200).\n- media: coda: Add check for dcoda_iram_alloc (git-fixes).\n- media: coda: Add check for kmalloc (git-fixes).\n- media: platform: ti: Add missing check for devm_regulator_get (git-fixes).\n- net/ethernet/freescale: rework quiesce/activate for ucc_geth (git-fixes).\n- net/mlx5e: Set of completion request bit should not clear other adjacent bits (git-fixes).\n- net/usb: kalmia: Do not pass act_len in usb_bulk_msg error path (git-fixes).\n- net: USB: Fix wrong-direction WARNING in plusb.c (git-fixes).\n- net: allwinner: Fix use correct return type for ndo_start_xmit() (git-fixes).\n- net: aquantia: fix RSS table and key sizes (git-fixes).\n- net: bcmgenet: suppress warnings on failed Rx SKB allocations (git-fixes).\n- net: bmac: Fix read of MAC address from ROM (git-fixes).\n- net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans (git-fixes).\n- net: qed*: Reduce RX and TX default ring count when running inside kdump kernel (git-fixes).\n- net: stmmac: Fix sub-second increment (git-fixes).\n- net: systemport: suppress warnings on failed Rx SKB allocations (git-fixes).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).\n- net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 (git-fixes).\n- net: usb: lan78xx: do not modify phy_device state concurrently (git-fixes).\n- net: usb: qmi_wwan: Add support for Dell DW5829e (git-fixes).\n- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).\n- net: usb: sr9700: Handle negative len (git-fixes).\n- netfilter: ipvs: Fix inappropriate output of procfs (git-fixes).\n- netfilter: xt_connlimit: do not store address in the conn nodes (git-fixes).\n- nfs: Fix nfsi-\u003enrequests count error on nfs_inode_remove_request (git-fixes).\n- nfs: Pass error information to the pgio error cleanup routine (git-fixes).\n- nfsd: fix handling of readdir in v4root vs. mount upcall timeout (git-fixes).\n- nfsd: fix race to check ls_layouts (git-fixes).\n- nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure (git-fixes).\n- ocfs2: Fix data corruption after failed write (bsc#1208542).\n- pNFS/filelayout: Fix coalescing test for single DS (git-fixes).\n- panic: unset panic_on_warn inside panic() (git-fixes).\n- powerpc/eeh: Fix use-after-release of EEH driver (bsc#1065729).\n- powerpc/fscr: Enable interrupts earlier before calling get_user() (bsc#1065729).\n- powerpc/powernv: Fix build error in opal-imc.c when NUMA=n (bsc#1065729).\n- powerpc/powernv: IMC fix out of bounds memory access at shutdown (bsc#1065729).\n- prlimit: do_prlimit needs to have a speculation check (git-fixes).\n- ptrace: make ptrace() fail if the tracee changed its pid unexpectedly (git-fixes).\n- scsi: qla2xxx: Add option to disable FC2 Target support (bsc#1198438 bsc#1206103).\n- scsi: qla2xxx: Check if port is online before sending ELS (bsc#1208570).\n- scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests (bsc#1208570).\n- scsi: qla2xxx: Fix IOCB resource check warning (bsc#1208570).\n- scsi: qla2xxx: Fix erroneous link down (bsc#1208570).\n- scsi: qla2xxx: Fix exchange oversubscription (bsc#1208570).\n- scsi: qla2xxx: Fix exchange oversubscription for management commands (bsc#1208570).\n- scsi: qla2xxx: Fix link failure in NPIV environment (bsc#1208570).\n- scsi: qla2xxx: Fix printk() format string (bsc#1208570).\n- scsi: qla2xxx: Fix stalled login (bsc#1208570).\n- scsi: qla2xxx: Make qla_trim_buf() and __qla_adjust_buf() static (bsc#1208570).\n- scsi: qla2xxx: Relocate/rename vp map (bsc#1208570).\n- scsi: qla2xxx: Remove dead code (GNN ID) (bsc#1208570).\n- scsi: qla2xxx: Remove dead code (GPNID) (bsc#1208570).\n- scsi: qla2xxx: Remove dead code (bsc#1208570).\n- scsi: qla2xxx: Remove increment of interface err cnt (bsc#1208570).\n- scsi: qla2xxx: Remove the unused variable wwn (bsc#1208570).\n- scsi: qla2xxx: Remove unintended flag clearing (bsc#1208570).\n- scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets called (bsc#1208570).\n- scsi: qla2xxx: Simplify if condition evaluation (bsc#1208570).\n- scsi: qla2xxx: Update version to 10.02.08.100-k (bsc#1208570).\n- scsi: qla2xxx: Update version to 10.02.08.200-k (bsc#1208570).\n- scsi: qla2xxx: Use a variable for repeated mem_size computation (bsc#1208570).\n- scsi: qla2xxx: edif: Fix clang warning (bsc#1208570).\n- scsi: qla2xxx: edif: Fix performance dip due to lock contention (bsc#1208570).\n- scsi: qla2xxx: edif: Fix stall session after app start (bsc#1208570).\n- scsi: qla2xxx: edif: Reduce memory usage during low I/O (bsc#1208570).\n- signal handling: do not use BUG_ON() for debugging (git-fixes).\n- sunrpc: Fix priority queue fairness (git-fixes).\n- sunrpc: ensure the matching upcall is in-flight upon downcall (git-fixes).\n- sunrpc: make lockless test safe (bsc#1207201).\n- usb: dwc3: fix PHY disable sequence (git-fixes).\n- usb: dwc3: gadget: Fix event pending check (git-fixes).\n- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).\n- usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (git-fixes).\n- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).\n- usb: serial: ch341: fix disabled rx timer on older devices (git-fixes).\n- usb: serial: console: move mutex_unlock() before usb_serial_put() (git-fixes).\n- vlan: Fix out of order vlan headers with reorder header off (git-fixes).\n- vlan: Fix vlan insertion for packets without ethernet header (git-fixes).\n- vxlan: Fix error path in __vxlan_dev_create() (git-fixes).\n- vxlan: changelink: Fix handling of default remotes (git-fixes).\n- x86/mce: Fix -Wmissing-prototypes warnings (git-fixes).\n- x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments (bsc#1203200).\n- xfrm: Copy policy family in clone_policy (git-fixes).\n- xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init (git-fixes).\n- xfs: Fix bulkstat compat ioctls on x32 userspace (git-fixes).\n- xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init() (git-fixes).\n- xfs: fix attr leaf header freemap.size underflow (git-fixes).\n- xfs: fix leaks on corruption errors in xfs_bmap.c (git-fixes).\n- xfs: fix mount failure crash on invalid iclog memory access (git-fixes).\n- xfs: fix partially uninitialized structure in xfs_reflink_remap_extent (git-fixes).\n- xfs: fix realtime bitmap/summary file truncation when growing rt volume (git-fixes).\n- xfs: fix use-after-free race in xfs_buf_rele (git-fixes).\n- xfs: initialize the shortform attr header padding entry (git-fixes).\n- xfs: make sure the rt allocator does not run off the end (git-fixes).\n- xfs: require both realtime inodes to mount (git-fixes).\n- xhci: Do not show warning for reinit on known broken suspend (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-747,SUSE-SLE-RT-12-SP5-2023-747",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0747-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0747-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230747-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0747-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014045.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1194535",
"url": "https://bugzilla.suse.com/1194535"
},
{
"category": "self",
"summary": "SUSE Bug 1198438",
"url": "https://bugzilla.suse.com/1198438"
},
{
"category": "self",
"summary": "SUSE Bug 1203200",
"url": "https://bugzilla.suse.com/1203200"
},
{
"category": "self",
"summary": "SUSE Bug 1203331",
"url": "https://bugzilla.suse.com/1203331"
},
{
"category": "self",
"summary": "SUSE Bug 1205711",
"url": "https://bugzilla.suse.com/1205711"
},
{
"category": "self",
"summary": "SUSE Bug 1206103",
"url": "https://bugzilla.suse.com/1206103"
},
{
"category": "self",
"summary": "SUSE Bug 1207051",
"url": "https://bugzilla.suse.com/1207051"
},
{
"category": "self",
"summary": "SUSE Bug 1207201",
"url": "https://bugzilla.suse.com/1207201"
},
{
"category": "self",
"summary": "SUSE Bug 1207845",
"url": "https://bugzilla.suse.com/1207845"
},
{
"category": "self",
"summary": "SUSE Bug 1208179",
"url": "https://bugzilla.suse.com/1208179"
},
{
"category": "self",
"summary": "SUSE Bug 1208541",
"url": "https://bugzilla.suse.com/1208541"
},
{
"category": "self",
"summary": "SUSE Bug 1208542",
"url": "https://bugzilla.suse.com/1208542"
},
{
"category": "self",
"summary": "SUSE Bug 1208570",
"url": "https://bugzilla.suse.com/1208570"
},
{
"category": "self",
"summary": "SUSE Bug 1208700",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "self",
"summary": "SUSE Bug 1208837",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "self",
"summary": "SUSE Bug 1209008",
"url": "https://bugzilla.suse.com/1209008"
},
{
"category": "self",
"summary": "SUSE Bug 1209188",
"url": "https://bugzilla.suse.com/1209188"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-38096 page",
"url": "https://www.suse.com/security/cve/CVE-2022-38096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4129 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0597 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1118 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23559 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26545/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2023-03-15T15:56:31Z",
"generator": {
"date": "2023-03-15T15:56:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0747-1",
"initial_release_date": "2023-03-15T15:56:31Z",
"revision_history": [
{
"date": "2023-03-15T15:56:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.12.14-10.118.1.noarch",
"product": {
"name": "kernel-devel-rt-4.12.14-10.118.1.noarch",
"product_id": "kernel-devel-rt-4.12.14-10.118.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.12.14-10.118.1.noarch",
"product": {
"name": "kernel-source-rt-4.12.14-10.118.1.noarch",
"product_id": "kernel-source-rt-4.12.14-10.118.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"product_id": "dlm-kmp-rt-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product_id": "dlm-kmp-rt_debug-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"product_id": "gfs2-kmp-rt-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt-base-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt-base-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt-devel-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt-extra-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt-extra-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-devel-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt-kgraft-devel-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt-kgraft-devel-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt_debug-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt_debug-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt_debug-base-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt_debug-extra-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.118.1.x86_64",
"product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.12.14-10.118.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.12.14-10.118.1.x86_64",
"product_id": "kernel-syms-rt-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.12.14-10.118.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.12.14-10.118.1.x86_64",
"product_id": "kselftests-kmp-rt-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.12.14-10.118.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.12.14-10.118.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.12.14-10.118.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch"
},
"product_reference": "kernel-devel-rt-4.12.14-10.118.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64"
},
"product_reference": "kernel-rt-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64"
},
"product_reference": "kernel-rt-base-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64"
},
"product_reference": "kernel-rt_debug-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.12.14-10.118.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch"
},
"product_reference": "kernel-source-rt-4.12.14-10.118.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.12.14-10.118.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4203"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4203",
"url": "https://www.suse.com/security/cve/CVE-2021-4203"
},
{
"category": "external",
"summary": "SUSE Bug 1194535 for CVE-2021-4203",
"url": "https://bugzilla.suse.com/1194535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-15T15:56:31Z",
"details": "moderate"
}
],
"title": "CVE-2021-4203"
},
{
"cve": "CVE-2022-38096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-38096"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-38096",
"url": "https://www.suse.com/security/cve/CVE-2022-38096"
},
{
"category": "external",
"summary": "SUSE Bug 1203331 for CVE-2022-38096",
"url": "https://bugzilla.suse.com/1203331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-15T15:56:31Z",
"details": "moderate"
}
],
"title": "CVE-2022-38096"
},
{
"cve": "CVE-2022-4129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4129"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4129",
"url": "https://www.suse.com/security/cve/CVE-2022-4129"
},
{
"category": "external",
"summary": "SUSE Bug 1205711 for CVE-2022-4129",
"url": "https://bugzilla.suse.com/1205711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-15T15:56:31Z",
"details": "moderate"
}
],
"title": "CVE-2022-4129"
},
{
"cve": "CVE-2023-0597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0597"
}
],
"notes": [
{
"category": "general",
"text": "A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected location in memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0597",
"url": "https://www.suse.com/security/cve/CVE-2023-0597"
},
{
"category": "external",
"summary": "SUSE Bug 1207845 for CVE-2023-0597",
"url": "https://bugzilla.suse.com/1207845"
},
{
"category": "external",
"summary": "SUSE Bug 1212395 for CVE-2023-0597",
"url": "https://bugzilla.suse.com/1212395"
},
{
"category": "external",
"summary": "SUSE Bug 1213271 for CVE-2023-0597",
"url": "https://bugzilla.suse.com/1213271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-15T15:56:31Z",
"details": "moderate"
}
],
"title": "CVE-2023-0597"
},
{
"cve": "CVE-2023-1118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1118"
}
],
"notes": [
{
"category": "general",
"text": "A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1118",
"url": "https://www.suse.com/security/cve/CVE-2023-1118"
},
{
"category": "external",
"summary": "SUSE Bug 1208837 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208837"
},
{
"category": "external",
"summary": "SUSE Bug 1208910 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1208910"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1210423"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1211495"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1118",
"url": "https://bugzilla.suse.com/1213842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-15T15:56:31Z",
"details": "important"
}
],
"title": "CVE-2023-1118"
},
{
"cve": "CVE-2023-23559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23559"
}
],
"notes": [
{
"category": "general",
"text": "In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23559",
"url": "https://www.suse.com/security/cve/CVE-2023-23559"
},
{
"category": "external",
"summary": "SUSE Bug 1207051 for CVE-2023-23559",
"url": "https://bugzilla.suse.com/1207051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-15T15:56:31Z",
"details": "moderate"
}
],
"title": "CVE-2023-23559"
},
{
"cve": "CVE-2023-26545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26545",
"url": "https://www.suse.com/security/cve/CVE-2023-26545"
},
{
"category": "external",
"summary": "SUSE Bug 1208700 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208700"
},
{
"category": "external",
"summary": "SUSE Bug 1208909 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1208909"
},
{
"category": "external",
"summary": "SUSE Bug 1210423 for CVE-2023-26545",
"url": "https://bugzilla.suse.com/1210423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.118.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.118.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.118.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-03-15T15:56:31Z",
"details": "important"
}
],
"title": "CVE-2023-26545"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…