suse-su-2023:1801-1
Vulnerability from csaf_suse
Published: 2023-04-10 08:26
Modified: 2023-04-10 08:26
Summary: Security update for the Linux Kernel
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bug fixes.
The following security bugs were fixed:
- CVE-2017-5753: Fixed Spectre v1 vulnerability on netlink (bsc#1209547).
- CVE-2017-5753: Fixed Spectre vulnerability in prlimit (bsc#1209256).
- CVE-2021-3923: Fixed stack information leak vulnerability that could lead to kernel protection bypass in infiniband RDMA (bsc#1209778).
- CVE-2022-20567: Fixed use after free that could lead to a local privilege escalation in pppol2tp_create of l2tp_ppp.c (bsc#1208850).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets (bsc#1208599).
- CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).
- CVE-2023-1281: Fixed use after free that could lead to privilege escalation in tcindex (bsc#1209634).
- CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).
- CVE-2023-1513: Fixed uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
- CVE-2023-28464: Fixed use-after-free that could lead to privilege escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c (bsc#1209052).
- CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).
The following non-security bugs were fixed:
- ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel() (git-fixes)
- Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE (git-fixes).
- Bluetooth: btusb: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Input: atmel_mxt_ts - fix double free in mxt_read_info_block (git-fixes).
- KVM: arm64: Hide system instruction access to Trace registers (git-fixes)
- NFSv4: Fix hangs when recovering open state after a server reboot (git-fixes).
- PCI/MSI: Enforce MSI entry updates to be visible (git-fixes).
- PCI/MSI: Enforce that MSI-X table entry is masked for update (git-fixes).
- PCI/MSI: Mask all unused MSI-X entries (git-fixes).
- PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes).
- PCI/PM: Always return devices to D0 when thawing (git-fixes).
- PCI/PM: Avoid using device_may_wakeup() for runtime PM (git-fixes).
- PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints (git-fixes).
- PCI: Add ACS quirk for iProc PAXB (git-fixes).
- PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 (git-fixes).
- PCI: Avoid FLR for AMD Starship USB 3.0 (git-fixes).
- PCI: Make ACS quirk implementations more uniform (git-fixes).
- PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently (git-fixes).
- PCI: PM: Avoid skipping bus-level PM on platforms without ACPI (git-fixes).
- PCI: Unify ACS quirk desired vs provided checking (git-fixes).
- PCI: Use pci_update_current_state() in pci_enable_device_flags() (git-fixes).
- PCI: aardvark: Do not blindly enable ASPM L0s and do not write to read-only register (git-fixes).
- PCI: aardvark: Do not rely on jiffies while holding spinlock (git-fixes).
- PCI: aardvark: Do not touch PCIe registers if no card connected (git-fixes).
- PCI: aardvark: Fix a leaked reference by adding missing of_node_put() (git-fixes).
- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
- PCI: aardvark: Fix kernel panic during PIO transfer (git-fixes).
- PCI: aardvark: Improve link training (git-fixes).
- PCI: aardvark: Indicate error in 'val' when config read fails (git-fixes).
- PCI: aardvark: Introduce an advk_pcie_valid_device() helper (git-fixes).
- PCI: aardvark: Remove PCIe outbound window configuration (git-fixes).
- PCI: aardvark: Train link immediately after enabling training (git-fixes).
- PCI: aardvark: Wait for endpoint to be ready before training link (git-fixes).
- PCI: endpoint: Cast the page number to phys_addr_t (git-fixes).
- PCI: endpoint: Fix for concurrent memory allocation in OB address region (git-fixes).
- PCI: hv: Add a per-bus mutex state_lock (bsc#1207001).
- PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic (bsc#1207001).
- PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev (bsc#1207001).
- PCI: hv: fix a race condition bug in hv_pci_query_relations() (bsc#1207001).
- PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 (git-fixes).
- PCI: tegra: Fix OF node reference leak (git-fixes).
- PCI: xgene-msi: Fix race in installing chained irq handler (git-fixes).
- PM: hibernate: flush swap writer after marking (git-fixes).
- README.BRANCH: Adding myself to the maintainer list
- Revert 'PCI: hv: Fix a timing issue which causes kdump to fail occasionally' (bsc#1207001).
- Revert 'arm64: dts: juno: add dma-ranges property' (git-fixes)
- Revert 'mei: me: enable asynchronous probing' (bsc#1208048, bsc#1209126).
- SUNRPC: Fix a server shutdown leak (git-fixes).
- applicom: Fix PCI device refcount leak in applicom_init() (git-fixes).
- arm64/alternatives: do not patch up internal branches (git-fixes)
- arm64/alternatives: move length validation inside the subsection (git-fixes)
- arm64/alternatives: use subsections for replacement sequences (git-fixes)
- arm64/cpufeature: Fix field sign for DIT hwcap detection (git-fixes)
- arm64/mm: fix variable 'pud' set but not used (git-fixes)
- arm64/mm: return cpu_all_mask when node is NUMA_NO_NODE (git-fixes)
- arm64/vdso: Discard .note.gnu.property sections in vDSO (git-fixes)
- arm64: Discard .note.GNU-stack section (bsc#1203693 bsc#1209798).
- arm64: Do not forget syscall when starting a new thread. (git-fixes)
- arm64: Fix compiler warning from pte_unmap() with (git-fixes)
- arm64: Mark __stack_chk_guard as __ro_after_init (git-fixes)
- arm64: Use test_tsk_thread_flag() for checking TIF_SINGLESTEP (git-fixes)
- arm64: cmpxchg_double*: hazard against entire exchange variable (git-fixes)
- arm64: cpu_ops: fix a leaked reference by adding missing of_node_put (git-fixes)
- arm64: fix oops in concurrently setting insn_emulation sysctls (git-fixes)
- arm64: kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region (git-fixes)
- arm64: kprobe: make page to RO mode when allocate it (git-fixes)
- arm64: kpti: ensure patched kernel text is fetched from PoU (git-fixes)
- arm64: psci: Avoid printing in cpu_psci_cpu_die() (git-fixes)
- arm64: psci: Reduce the waiting time for cpu_psci_cpu_kill() (git-fixes)
- arm64: unwind: Prohibit probing on return_address() (git-fixes)
- crypto: arm64 - Fix unused variable compilation warnings of (git-fixes)
- dt-bindings: reset: meson8b: fix duplicate reset IDs (git-fixes).
- ftrace: Fix invalid address access in lookup_rec() when index is 0 (git-fixes).
- ima: Fix function name error in comment (git-fixes).
- ipv4: route: fix inet_rtm_getroute induced crash (git-fixes).
- kabi: PCI: endpoint: Fix for concurrent memory allocation in OB address region (git-fixes).
- kfifo: fix ternary sign extension bugs (git-fixes).
- kgdb: Drop malformed kernel doc comment (git-fixes).
- net: usb: lan78xx: Limit packet length to skb->len (git-fixes).
- net: usb: qmi_wwan: Adding support for Cinterion MV31 (git-fixes).
- net: usb: smsc75xx: Limit packet length to skb->len (git-fixes).
- net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull (git-fixes).
- net: usb: smsc95xx: Limit packet length to skb->len (git-fixes).
- powerpc/btext: add missing of_node_put (bsc#1065729).
- powerpc/powernv/ioda: Skip unallocated resources when mapping to PE (bsc#1065729).
- powerpc/pseries/lpar: add missing RTAS retry status handling (bsc#1109158 ltc#169177 git-fixes).
- powerpc/pseries/lparcfg: add missing RTAS retry status handling (bsc#1065729).
- powerpc/rtas: ensure 4KB alignment for rtas_data_buf (bsc#1065729).
- powerpc/xics: fix refcount leak in icp_opal_init() (bsc#1065729).
- ppc64le: HWPOISON_INJECT=m (bsc#1209572).
- ring-buffer: remove obsolete comment for free_buffer_page() (git-fixes).
- s390/vfio-ap: fix memory leak in vfio_ap device driver (git-fixes).
- sbitmap: Avoid lockups when waker gets preempted (bsc#1209118).
- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE (bsc#1199837).
- scsi: qla2xxx: Synchronize the IOCB count to be in order (bsc#1209292 bsc#1209684 bsc#1209556).
- timers/sched_clock: Prevent generic sched_clock wrap caused by tick_freeze() (git-fixes).
- timers: Clear timer_base::must_forward_clk with (bsc#1207890)
- tracing/hwlat: Replace sched_setaffinity with set_cpus_allowed_ptr (git-fixes).
- tracing: Add NULL checks for buffer in ring_buffer_free_read_page() (git-fixes).
- usb: chipidea: fix deadlock in ci_otg_del_timer (git-fixes).
- usb: dwc3: exynos: Fix remove() function (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
- usb: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100 (git-fixes).
- usb: typec: altmodes/displayport: Fix probe pin assign check (git-fixes).
- x86/PCI: Fix PCI IRQ routing table memory leak (git-fixes).
- x86/apic: Add name to irq chip (bsc#1206010).
- x86/apic: Deinline x2apic functions (bsc#1181001 jsc#ECO-3191).
- x86/atomic: Fix smp_mb__{before,after}_atomic() (git-fixes).
- x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c (git-fixes).
- x86/ia32: Fix ia32_restore_sigcontext() AC leak (git-fixes).
- x86/ioapic: Force affinity setup before startup (bsc#1193231).
- x86/irq/64: Limit IST stack overflow check to #DB stack (git-fixes).
- x86/mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault() (git-fixes).
- x86/paravirt: Fix callee-saved function ELF sizes (git-fixes).
- x86/power: Fix 'nosmt' vs hibernation triple fault during resume (git-fixes).
- x86/stacktrace: Prevent infinite loop in arch_stack_walk_user() (git-fixes).
- x86/uaccess, signal: Fix AC=1 bloat (git-fixes).
- x86/x2apic: Mark set_x2apic_phys_mode() as __init (bsc#1181001 jsc#ECO-3191).
- x86/xen: Fix memory leak in xen_init_lock_cpu() (git-fixes).
- x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (git-fixes).
- xen-netfront: Fix NULL sring after live migration (git-fixes).
- xen-netfront: Fix mismatched rtnl_unlock (git-fixes).
- xen-netfront: Fix race between device setup and open (git-fixes).
- xen-netfront: Update features after registering netdev (git-fixes).
- xen-netfront: enable device after manual module load (git-fixes).
- xen-netfront: fix potential deadlock in xennet_remove() (git-fixes).
- xen-netfront: wait xenbus state change when load module manually (git-fixes).
- xen/netfront: fix waiting for xenbus state change (git-fixes).
- xen/netfront: stop tx queues during live migration (git-fixes).
- xen/platform-pci: add missing free_irq() in error path (git-fixes).
Patchnames: SUSE-2023-1801, SUSE-SLE-SERVER-12-SP5-2023-1801
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for the Linux Kernel", "title": "Title of the patch" }, { "category": "description", "text": "\nThe SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-5753: Fixed spectre V1 vulnerability on netlink (bsc#1209547).\n- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).\n- CVE-2021-3923: Fixed stack information leak vulnerability that could lead to kernel protection bypass in infiniband RDMA (bsc#1209778).\n- CVE-2022-20567: Fixed use after free that could lead to a local privilege escalation in pppol2tp_create of l2tp_ppp.c (bsc#1208850).\n- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).\n- CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets (bsc#1208599).\n- CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).\n- CVE-2023-1281: Fixed use after free that could lead to privilege escalation in tcindex (bsc#1209634).\n- CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).\n- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).\n- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).\n- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) 
(bsc#1207125).\n- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).\n- CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c (bsc#1209052).\n- CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).\n\nThe following non-security bugs were fixed:\n\n- ARM: 8702/1: head-common.S: Clear lr before jumping to start_kernel() (git-fixes)\n- Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE (git-fixes).\n- Bluetooth: btusb: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).\n- Input: atmel_mxt_ts - fix double free in mxt_read_info_block (git-fixes).\n- KVM: arm64: Hide system instruction access to Trace registers (git-fixes)\n- NFSv4: Fix hangs when recovering open state after a server reboot (git-fixes).\n- PCI/MSI: Enforce MSI entry updates to be visible (git-fixes).\n- PCI/MSI: Enforce that MSI-X table entry is masked for update (git-fixes).\n- PCI/MSI: Mask all unused MSI-X entries (git-fixes).\n- PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes).\n- PCI/PM: Always return devices to D0 when thawing (git-fixes).\n- PCI/PM: Avoid using device_may_wakeup() for runtime PM (git-fixes).\n- PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints (git-fixes).\n- PCI: Add ACS quirk for iProc PAXB (git-fixes).\n- PCI: Avoid FLR for AMD Matisse HD Audio \u0026 USB 3.0 (git-fixes).\n- PCI: Avoid FLR for AMD Starship USB 3.0 (git-fixes).\n- PCI: Make ACS quirk implementations more uniform (git-fixes).\n- PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently (git-fixes).\n- PCI: PM: Avoid skipping bus-level PM on platforms without ACPI (git-fixes).\n- PCI: Unify ACS quirk desired vs provided checking (git-fixes).\n- PCI: Use pci_update_current_state() in pci_enable_device_flags() (git-fixes).\n- PCI: aardvark: Do not blindly enable ASPM L0s and do not write to read-only 
register (git-fixes).\n- PCI: aardvark: Do not rely on jiffies while holding spinlock (git-fixes).\n- PCI: aardvark: Do not touch PCIe registers if no card connected (git-fixes).\n- PCI: aardvark: Fix a leaked reference by adding missing of_node_put() (git-fixes).\n- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).\n- PCI: aardvark: Fix kernel panic during PIO transfer (git-fixes).\n- PCI: aardvark: Improve link training (git-fixes).\n- PCI: aardvark: Indicate error in \u0027val\u0027 when config read fails (git-fixes).\n- PCI: aardvark: Introduce an advk_pcie_valid_device() helper (git-fixes).\n- PCI: aardvark: Remove PCIe outbound window configuration (git-fixes).\n- PCI: aardvark: Train link immediately after enabling training (git-fixes).\n- PCI: aardvark: Wait for endpoint to be ready before training link (git-fixes).\n- PCI: endpoint: Cast the page number to phys_addr_t (git-fixes).\n- PCI: endpoint: Fix for concurrent memory allocation in OB address region (git-fixes).\n- PCI: hv: Add a per-bus mutex state_lock (bsc#1207001).\n- PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic (bsc#1207001).\n- PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev (bsc#1207001).\n- PCI: hv: fix a race condition bug in hv_pci_query_relations() (bsc#1207001).\n- PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 (git-fixes).\n- PCI: tegra: Fix OF node reference leak (git-fixes).\n- PCI: xgene-msi: Fix race in installing chained irq handler (git-fixes).\n- PM: hibernate: flush swap writer after marking (git-fixes).\n- README.BRANCH: Adding myself to the maintainer list\n- Revert \u0027PCI: hv: Fix a timing issue which causes kdump to fail occasionally\u0027 (bsc#1207001).\n- Revert \u0027arm64: dts: juno: add dma-ranges property\u0027 (git-fixes)\n- Revert \u0027mei: me: enable asynchronous probing\u0027 (bsc#1208048, bsc#1209126).\n- SUNRPC: Fix a server shutdown leak (git-fixes).\n- applicom: Fix PCI device refcount leak 
in applicom_init() (git-fixes).\n- arm64/alternatives: do not patch up internal branches (git-fixes)\n- arm64/alternatives: move length validation inside the subsection (git-fixes)\n- arm64/alternatives: use subsections for replacement sequences (git-fixes)\n- arm64/cpufeature: Fix field sign for DIT hwcap detection (git-fixes)\n- arm64/mm: fix variable \u0027pud\u0027 set but not used (git-fixes)\n- arm64/mm: return cpu_all_mask when node is NUMA_NO_NODE (git-fixes)\n- arm64/vdso: Discard .note.gnu.property sections in vDSO (git-fixes)\n- arm64: Discard .note.GNU-stack section (bsc#1203693 bsc#1209798).\n- arm64: Do not forget syscall when starting a new thread. (git-fixes)\n- arm64: Fix compiler warning from pte_unmap() with (git-fixes)\n- arm64: Mark __stack_chk_guard as __ro_after_init (git-fixes)\n- arm64: Use test_tsk_thread_flag() for checking TIF_SINGLESTEP (git-fixes)\n- arm64: cmpxchg_double*: hazard against entire exchange variable (git-fixes)\n- arm64: cpu_ops: fix a leaked reference by adding missing of_node_put (git-fixes)\n- arm64: fix oops in concurrently setting insn_emulation sysctls (git-fixes)\n- arm64: kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region (git-fixes)\n- arm64: kprobe: make page to RO mode when allocate it (git-fixes)\n- arm64: kpti: ensure patched kernel text is fetched from PoU (git-fixes)\n- arm64: psci: Avoid printing in cpu_psci_cpu_die() (git-fixes)\n- arm64: psci: Reduce the waiting time for cpu_psci_cpu_kill() (git-fixes)\n- arm64: unwind: Prohibit probing on return_address() (git-fixes)\n- crypto: arm64 - Fix unused variable compilation warnings of (git-fixes)\n- dt-bindings: reset: meson8b: fix duplicate reset IDs (git-fixes).\n- ftrace: Fix invalid address access in lookup_rec() when index is 0 (git-fixes).\n- ima: Fix function name error in comment (git-fixes).\n- ipv4: route: fix inet_rtm_getroute induced crash (git-fixes).\n- kabi: PCI: endpoint: Fix for concurrent memory allocation in OB address region 
(git-fixes).\n- kfifo: fix ternary sign extension bugs (git-fixes).\n- kgdb: Drop malformed kernel doc comment (git-fixes).\n- net: usb: lan78xx: Limit packet length to skb-\u003elen (git-fixes).\n- net: usb: qmi_wwan: Adding support for Cinterion MV31 (git-fixes).\n- net: usb: smsc75xx: Limit packet length to skb-\u003elen (git-fixes).\n- net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull (git-fixes).\n- net: usb: smsc95xx: Limit packet length to skb-\u003elen (git-fixes).\n- powerpc/btext: add missing of_node_put (bsc#1065729).\n- powerpc/powernv/ioda: Skip unallocated resources when mapping to PE (bsc#1065729).\n- powerpc/pseries/lpar: add missing RTAS retry status handling (bsc#1109158 ltc#169177 git-fixes).\n- powerpc/pseries/lparcfg: add missing RTAS retry status handling (bsc#1065729).\n- powerpc/rtas: ensure 4KB alignment for rtas_data_buf (bsc#1065729).\n- powerpc/xics: fix refcount leak in icp_opal_init() (bsc#1065729).\n- ppc64le: HWPOISON_INJECT=m (bsc#1209572).\n- ring-buffer: remove obsolete comment for free_buffer_page() (git-fixes).\n- s390/vfio-ap: fix memory leak in vfio_ap device driver (git-fixes).\n- sbitmap: Avoid lockups when waker gets preempted (bsc#1209118).\n- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE (bsc#1199837).\n- scsi: qla2xxx: Synchronize the IOCB count to be in order (bsc#1209292 bsc#1209684 bsc#1209556).\n- timers/sched_clock: Prevent generic sched_clock wrap caused by tick_freeze() (git-fixes).\n- timers: Clear timer_base::must_forward_clk with (bsc#1207890)\n- tracing/hwlat: Replace sched_setaffinity with set_cpus_allowed_ptr (git-fixes).\n- tracing: Add NULL checks for buffer in ring_buffer_free_read_page() (git-fixes).\n- usb: chipidea: fix deadlock in ci_otg_del_timer (git-fixes).\n- usb: dwc3: exynos: Fix remove() function (git-fixes).\n- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).\n- usb: misc: iowarrior: fix up header size for 
USB_DEVICE_ID_CODEMERCS_IOW100 (git-fixes).\n- usb: typec: altmodes/displayport: Fix probe pin assign check (git-fixes).\n- x86/PCI: Fix PCI IRQ routing table memory leak (git-fixes).\n- x86/apic: Add name to irq chip (bsc#1206010).\n- x86/apic: Deinline x2apic functions (bsc#1181001 jsc#ECO-3191).\n- x86/atomic: Fix smp_mb__{before,after}_atomic() (git-fixes).\n- x86/build: Add \u0027set -e\u0027 to mkcapflags.sh to delete broken capflags.c (git-fixes).\n- x86/ia32: Fix ia32_restore_sigcontext() AC leak (git-fixes).\n- x86/ioapic: Force affinity setup before startup (bsc#1193231).\n- x86/irq/64: Limit IST stack overflow check to #DB stack (git-fixes).\n- x86/mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault() (git-fixes).\n- x86/paravirt: Fix callee-saved function ELF sizes (git-fixes).\n- x86/power: Fix \u0027nosmt\u0027 vs hibernation triple fault during resume (git-fixes).\n- x86/stacktrace: Prevent infinite loop in arch_stack_walk_user() (git-fixes).\n- x86/uaccess, signal: Fix AC=1 bloat (git-fixes).\n- x86/x2apic: Mark set_x2apic_phys_mode() as __init (bsc#1181001 jsc#ECO-3191).\n- x86/xen: Fix memory leak in xen_init_lock_cpu() (git-fixes).\n- x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (git-fixes).\n- xen-netfront: Fix NULL sring after live migration (git-fixes).\n- xen-netfront: Fix mismatched rtnl_unlock (git-fixes).\n- xen-netfront: Fix race between device setup and open (git-fixes).\n- xen-netfront: Update features after registering netdev (git-fixes).\n- xen-netfront: enable device after manual module load (git-fixes).\n- xen-netfront: fix potential deadlock in xennet_remove() (git-fixes).\n- xen-netfront: wait xenbus state change when load module manually (git-fixes).\n- xen/netfront: fix waiting for xenbus state change (git-fixes).\n- xen/netfront: stop tx queues during live migration (git-fixes).\n- xen/platform-pci: add missing free_irq() in error path (git-fixes).\n", "title": "Description of the patch" }, { 
"category": "details", "text": "SUSE-2023-1801,SUSE-SLE-SERVER-12-SP5-2023-1801", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1801-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2023:1801-1", "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231801-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2023:1801-1", "url": "https://lists.suse.com/pipermail/sle-updates/2023-April/028741.html" }, { "category": "self", "summary": "SUSE Bug 1065729", "url": "https://bugzilla.suse.com/1065729" }, { "category": "self", "summary": "SUSE Bug 1076830", "url": "https://bugzilla.suse.com/1076830" }, { "category": "self", "summary": "SUSE Bug 1109158", "url": "https://bugzilla.suse.com/1109158" }, { "category": "self", "summary": "SUSE Bug 1181001", "url": "https://bugzilla.suse.com/1181001" }, { "category": "self", "summary": "SUSE Bug 1193231", "url": "https://bugzilla.suse.com/1193231" }, { "category": "self", "summary": "SUSE Bug 1199837", "url": "https://bugzilla.suse.com/1199837" }, { "category": "self", "summary": "SUSE Bug 1203693", "url": "https://bugzilla.suse.com/1203693" }, { "category": "self", "summary": "SUSE Bug 1206010", "url": "https://bugzilla.suse.com/1206010" }, { "category": "self", "summary": "SUSE Bug 1207001", "url": "https://bugzilla.suse.com/1207001" }, { "category": "self", "summary": "SUSE Bug 1207036", "url": 
"https://bugzilla.suse.com/1207036" }, { "category": "self", "summary": "SUSE Bug 1207125", "url": "https://bugzilla.suse.com/1207125" }, { "category": "self", "summary": "SUSE Bug 1207795", "url": "https://bugzilla.suse.com/1207795" }, { "category": "self", "summary": "SUSE Bug 1207890", "url": "https://bugzilla.suse.com/1207890" }, { "category": "self", "summary": "SUSE Bug 1208048", "url": "https://bugzilla.suse.com/1208048" }, { "category": "self", "summary": "SUSE Bug 1208599", "url": "https://bugzilla.suse.com/1208599" }, { "category": "self", "summary": "SUSE Bug 1208777", "url": "https://bugzilla.suse.com/1208777" }, { "category": "self", "summary": "SUSE Bug 1208850", "url": "https://bugzilla.suse.com/1208850" }, { "category": "self", "summary": "SUSE Bug 1209052", "url": "https://bugzilla.suse.com/1209052" }, { "category": "self", "summary": "SUSE Bug 1209118", "url": "https://bugzilla.suse.com/1209118" }, { "category": "self", "summary": "SUSE Bug 1209126", "url": "https://bugzilla.suse.com/1209126" }, { "category": "self", "summary": "SUSE Bug 1209256", "url": "https://bugzilla.suse.com/1209256" }, { "category": "self", "summary": "SUSE Bug 1209289", "url": "https://bugzilla.suse.com/1209289" }, { "category": "self", "summary": "SUSE Bug 1209291", "url": "https://bugzilla.suse.com/1209291" }, { "category": "self", "summary": "SUSE Bug 1209292", "url": "https://bugzilla.suse.com/1209292" }, { "category": "self", "summary": "SUSE Bug 1209532", "url": "https://bugzilla.suse.com/1209532" }, { "category": "self", "summary": "SUSE Bug 1209547", "url": "https://bugzilla.suse.com/1209547" }, { "category": "self", "summary": "SUSE Bug 1209549", "url": "https://bugzilla.suse.com/1209549" }, { "category": "self", "summary": "SUSE Bug 1209556", "url": "https://bugzilla.suse.com/1209556" }, { "category": "self", "summary": "SUSE Bug 1209572", "url": "https://bugzilla.suse.com/1209572" }, { "category": "self", "summary": "SUSE Bug 1209634", "url": 
"https://bugzilla.suse.com/1209634" }, { "category": "self", "summary": "SUSE Bug 1209684", "url": "https://bugzilla.suse.com/1209684" }, { "category": "self", "summary": "SUSE Bug 1209778", "url": "https://bugzilla.suse.com/1209778" }, { "category": "self", "summary": "SUSE Bug 1209798", "url": "https://bugzilla.suse.com/1209798" }, { "category": "self", "summary": "SUSE CVE CVE-2017-5753 page", "url": "https://www.suse.com/security/cve/CVE-2017-5753/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-3923 page", "url": "https://www.suse.com/security/cve/CVE-2021-3923/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-20567 page", "url": "https://www.suse.com/security/cve/CVE-2022-20567/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-0590 page", "url": "https://www.suse.com/security/cve/CVE-2023-0590/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-1076 page", "url": "https://www.suse.com/security/cve/CVE-2023-1076/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-1095 page", "url": "https://www.suse.com/security/cve/CVE-2023-1095/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-1281 page", "url": "https://www.suse.com/security/cve/CVE-2023-1281/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-1390 page", "url": "https://www.suse.com/security/cve/CVE-2023-1390/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-1513 page", "url": "https://www.suse.com/security/cve/CVE-2023-1513/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23454 page", "url": "https://www.suse.com/security/cve/CVE-2023-23454/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-23455 page", "url": "https://www.suse.com/security/cve/CVE-2023-23455/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28328 page", "url": "https://www.suse.com/security/cve/CVE-2023-28328/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28464 page", "url": "https://www.suse.com/security/cve/CVE-2023-28464/" }, { "category": "self", 
"summary": "SUSE CVE CVE-2023-28772 page", "url": "https://www.suse.com/security/cve/CVE-2023-28772/" } ], "title": "Security update for the Linux Kernel", "tracking": { "current_release_date": "2023-04-10T08:26:05Z", "generator": { "date": "2023-04-10T08:26:05Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2023:1801-1", "initial_release_date": "2023-04-10T08:26:05Z", "revision_history": [ { "date": "2023-04-10T08:26:05Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "kernel-devel-azure-4.12.14-16.130.1.noarch", "product": { "name": "kernel-devel-azure-4.12.14-16.130.1.noarch", "product_id": "kernel-devel-azure-4.12.14-16.130.1.noarch" } }, { "category": "product_version", "name": "kernel-source-azure-4.12.14-16.130.1.noarch", "product": { "name": "kernel-source-azure-4.12.14-16.130.1.noarch", "product_id": "kernel-source-azure-4.12.14-16.130.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "cluster-md-kmp-azure-4.12.14-16.130.1.x86_64", "product": { "name": "cluster-md-kmp-azure-4.12.14-16.130.1.x86_64", "product_id": "cluster-md-kmp-azure-4.12.14-16.130.1.x86_64" } }, { "category": "product_version", "name": "dlm-kmp-azure-4.12.14-16.130.1.x86_64", "product": { "name": "dlm-kmp-azure-4.12.14-16.130.1.x86_64", "product_id": "dlm-kmp-azure-4.12.14-16.130.1.x86_64" } }, { "category": "product_version", "name": "gfs2-kmp-azure-4.12.14-16.130.1.x86_64", "product": { "name": "gfs2-kmp-azure-4.12.14-16.130.1.x86_64", "product_id": "gfs2-kmp-azure-4.12.14-16.130.1.x86_64" } }, { "category": "product_version", "name": "kernel-azure-4.12.14-16.130.1.x86_64", "product": { "name": "kernel-azure-4.12.14-16.130.1.x86_64", "product_id": "kernel-azure-4.12.14-16.130.1.x86_64" } }, { "category": 
"product_version", "name": "kernel-azure-base-4.12.14-16.130.1.x86_64", "product": { "name": "kernel-azure-base-4.12.14-16.130.1.x86_64", "product_id": "kernel-azure-base-4.12.14-16.130.1.x86_64" } }, { "category": "product_version", "name": "kernel-azure-devel-4.12.14-16.130.1.x86_64", "product": { "name": "kernel-azure-devel-4.12.14-16.130.1.x86_64", "product_id": "kernel-azure-devel-4.12.14-16.130.1.x86_64" } }, { "category": "product_version", "name": "kernel-azure-extra-4.12.14-16.130.1.x86_64", "product": { "name": "kernel-azure-extra-4.12.14-16.130.1.x86_64", "product_id": "kernel-azure-extra-4.12.14-16.130.1.x86_64" } }, { "category": "product_version", "name": "kernel-azure-kgraft-devel-4.12.14-16.130.1.x86_64", "product": { "name": "kernel-azure-kgraft-devel-4.12.14-16.130.1.x86_64", "product_id": "kernel-azure-kgraft-devel-4.12.14-16.130.1.x86_64" } }, { "category": "product_version", "name": "kernel-syms-azure-4.12.14-16.130.1.x86_64", "product": { "name": "kernel-syms-azure-4.12.14-16.130.1.x86_64", "product_id": "kernel-syms-azure-4.12.14-16.130.1.x86_64" } }, { "category": "product_version", "name": "kselftests-kmp-azure-4.12.14-16.130.1.x86_64", "product": { "name": "kselftests-kmp-azure-4.12.14-16.130.1.x86_64", "product_id": "kselftests-kmp-azure-4.12.14-16.130.1.x86_64" } }, { "category": "product_version", "name": "ocfs2-kmp-azure-4.12.14-16.130.1.x86_64", "product": { "name": "ocfs2-kmp-azure-4.12.14-16.130.1.x86_64", "product_id": "ocfs2-kmp-azure-4.12.14-16.130.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP5", "product": { "name": "SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:12:sp5" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product": { "name": "SUSE Linux Enterprise 
Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp5" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-azure-4.12.14-16.130.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64" }, "product_reference": "kernel-azure-4.12.14-16.130.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-azure-base-4.12.14-16.130.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64" }, "product_reference": "kernel-azure-base-4.12.14-16.130.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-azure-devel-4.12.14-16.130.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64" }, "product_reference": "kernel-azure-devel-4.12.14-16.130.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-azure-4.12.14-16.130.1.noarch as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch" }, "product_reference": "kernel-devel-azure-4.12.14-16.130.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": 
"kernel-source-azure-4.12.14-16.130.1.noarch as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch" }, "product_reference": "kernel-source-azure-4.12.14-16.130.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-syms-azure-4.12.14-16.130.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" }, "product_reference": "kernel-syms-azure-4.12.14-16.130.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-azure-4.12.14-16.130.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64" }, "product_reference": "kernel-azure-4.12.14-16.130.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-azure-base-4.12.14-16.130.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64" }, "product_reference": "kernel-azure-base-4.12.14-16.130.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-azure-devel-4.12.14-16.130.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64" }, "product_reference": 
"kernel-azure-devel-4.12.14-16.130.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-azure-4.12.14-16.130.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch" }, "product_reference": "kernel-devel-azure-4.12.14-16.130.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-source-azure-4.12.14-16.130.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch" }, "product_reference": "kernel-source-azure-4.12.14-16.130.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-syms-azure-4.12.14-16.130.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" }, "product_reference": "kernel-syms-azure-4.12.14-16.130.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-5753", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2017-5753" } ], "notes": [ { "category": "general", "text": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", "title": "CVE description" } ], "product_status": { 
"recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2017-5753", "url": "https://www.suse.com/security/cve/CVE-2017-5753" }, { "category": "external", "summary": "SUSE Bug 1068032 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1068032" }, { "category": "external", "summary": "SUSE Bug 1074562 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1074562" }, { "category": "external", "summary": "SUSE Bug 1074578 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1074578" }, { "category": "external", "summary": "SUSE Bug 1074701 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1074701" }, { "category": "external", "summary": "SUSE Bug 1075006 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1075006" }, { "category": "external", "summary": "SUSE Bug 1075419 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1075419" }, { "category": "external", 
"summary": "SUSE Bug 1075748 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1075748" }, { "category": "external", "summary": "SUSE Bug 1080039 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1080039" }, { "category": "external", "summary": "SUSE Bug 1087084 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1087084" }, { "category": "external", "summary": "SUSE Bug 1087939 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1087939" }, { "category": "external", "summary": "SUSE Bug 1089055 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1089055" }, { "category": "external", "summary": "SUSE Bug 1136865 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1136865" }, { "category": "external", "summary": "SUSE Bug 1178658 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1178658" }, { "category": "external", "summary": "SUSE Bug 1201877 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1201877" }, { "category": "external", "summary": "SUSE Bug 1209547 for CVE-2017-5753", "url": "https://bugzilla.suse.com/1209547" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP 
Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "important" } ], "title": "CVE-2017-5753" }, { "cve": "CVE-2021-3923", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-3923" } ], "notes": [ { "category": "general", "text": "A flaw was found in the Linux kernel\u0027s 
implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-3923", "url": "https://www.suse.com/security/cve/CVE-2021-3923" }, { "category": "external", "summary": "SUSE Bug 1209778 for CVE-2021-3923", "url": "https://bugzilla.suse.com/1209778" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 
SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 
SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "low" } ], "title": "CVE-2021-3923" }, { "cve": "CVE-2022-20567", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2022-20567" } ], "notes": [ { "category": "general", "text": "In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186777253References: Upstream kernel", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 
SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2022-20567", "url": "https://www.suse.com/security/cve/CVE-2022-20567" }, { "category": "external", "summary": "SUSE Bug 1208850 for CVE-2022-20567", "url": "https://bugzilla.suse.com/1208850" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 
SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "moderate" } ], "title": "CVE-2022-20567" }, { "cve": "CVE-2023-0590", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-0590" } ], "notes": [ { "category": "general", "text": "A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. 
If patch ebda44da44f6 (\"net: sched: fix race condition in qdisc_graft()\") not applied yet, then kernel could be affected.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-0590", "url": "https://www.suse.com/security/cve/CVE-2023-0590" }, { "category": "external", "summary": "SUSE Bug 1207036 for CVE-2023-0590", "url": "https://bugzilla.suse.com/1207036" }, { "category": "external", "summary": "SUSE Bug 1207795 for CVE-2023-0590", "url": "https://bugzilla.suse.com/1207795" }, { "category": "external", "summary": "SUSE Bug 1207822 for CVE-2023-0590", "url": "https://bugzilla.suse.com/1207822" }, { "category": "external", "summary": "SUSE Bug 1211495 for CVE-2023-0590", "url": "https://bugzilla.suse.com/1211495" }, { "category": "external", "summary": "SUSE Bug 1211833 for CVE-2023-0590", "url": 
"https://bugzilla.suse.com/1211833" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", 
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "important" } ], "title": "CVE-2023-0590" }, { "cve": "CVE-2023-1076", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-1076" } ], "notes": [ { "category": "general", "text": "A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. 
This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-1076", "url": "https://www.suse.com/security/cve/CVE-2023-1076" }, { "category": "external", "summary": "SUSE Bug 1208599 for CVE-2023-1076", "url": "https://bugzilla.suse.com/1208599" }, { "category": "external", "summary": "SUSE Bug 1214019 for CVE-2023-1076", "url": "https://bugzilla.suse.com/1214019" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 
SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 
12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "moderate" } ], "title": "CVE-2023-1076" }, { "cve": "CVE-2023-1095", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-1095" } ], "notes": [ { "category": "general", "text": "In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 
SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-1095", "url": "https://www.suse.com/security/cve/CVE-2023-1095" }, { "category": "external", "summary": "SUSE Bug 1208777 for CVE-2023-1095", "url": "https://bugzilla.suse.com/1208777" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 
SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "moderate" } ], "title": "CVE-2023-1095" }, { "cve": "CVE-2023-1281", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-1281" } ], "notes": [ { "category": "general", "text": "Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when \u0027tcf_exts_exec()\u0027 is called with the destroyed tcf_ext. 
A local attacker user can use this vulnerability to elevate its privileges to root.\nThis issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-1281", "url": "https://www.suse.com/security/cve/CVE-2023-1281" }, { "category": "external", "summary": "SUSE Bug 1209634 for CVE-2023-1281", "url": "https://bugzilla.suse.com/1209634" }, { "category": "external", "summary": "SUSE Bug 1209683 for CVE-2023-1281", "url": "https://bugzilla.suse.com/1209683" }, { "category": "external", "summary": "SUSE Bug 1210335 for CVE-2023-1281", "url": "https://bugzilla.suse.com/1210335" }, { "category": "external", "summary": "SUSE Bug 1210423 for CVE-2023-1281", "url": "https://bugzilla.suse.com/1210423" }, { "category": "external", 
"summary": "SUSE Bug 1211833 for CVE-2023-1281", "url": "https://bugzilla.suse.com/1211833" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise 
Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "important" } ], "title": "CVE-2023-1281" }, { "cve": "CVE-2023-1390", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-1390" } ], "notes": [ { "category": "general", "text": "A remote denial of service vulnerability was found in the Linux kernel\u0027s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. 
Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-1390", "url": "https://www.suse.com/security/cve/CVE-2023-1390" }, { "category": "external", "summary": "SUSE Bug 1209289 for CVE-2023-1390", "url": "https://bugzilla.suse.com/1209289" }, { "category": "external", "summary": "SUSE Bug 1210779 for CVE-2023-1390", "url": "https://bugzilla.suse.com/1210779" }, { "category": "external", "summary": "SUSE Bug 1211495 for CVE-2023-1390", "url": "https://bugzilla.suse.com/1211495" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST 
online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 
SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "important" } ], "title": "CVE-2023-1390" }, { "cve": "CVE-2023-1513", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-1513" } ], "notes": [ { "category": "general", "text": "A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP 
Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-1513", "url": "https://www.suse.com/security/cve/CVE-2023-1513" }, { "category": "external", "summary": "SUSE Bug 1209532 for CVE-2023-1513", "url": "https://bugzilla.suse.com/1209532" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise 
Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "low" } ], "title": "CVE-2023-1513" }, { "cve": "CVE-2023-23454", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-23454" } ], "notes": [ { "category": "general", "text": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise 
Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-23454", "url": "https://www.suse.com/security/cve/CVE-2023-23454" }, { "category": "external", "summary": "SUSE Bug 1207036 for CVE-2023-23454", "url": "https://bugzilla.suse.com/1207036" }, { "category": "external", "summary": "SUSE Bug 1207188 for CVE-2023-23454", "url": "https://bugzilla.suse.com/1207188" }, { "category": "external", "summary": "SUSE Bug 1208030 for CVE-2023-23454", "url": "https://bugzilla.suse.com/1208030" }, { "category": "external", "summary": "SUSE Bug 1208044 for CVE-2023-23454", "url": "https://bugzilla.suse.com/1208044" }, { "category": "external", "summary": "SUSE Bug 1208085 for CVE-2023-23454", "url": "https://bugzilla.suse.com/1208085" }, { "category": "external", "summary": "SUSE Bug 1211833 for CVE-2023-23454", "url": "https://bugzilla.suse.com/1211833" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux 
Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE 
Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "important" } ], "title": "CVE-2023-23454" }, { "cve": "CVE-2023-23455", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-23455" } ], "notes": [ { "category": "general", "text": "atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": 
"CVE-2023-23455", "url": "https://www.suse.com/security/cve/CVE-2023-23455" }, { "category": "external", "summary": "SUSE Bug 1207036 for CVE-2023-23455", "url": "https://bugzilla.suse.com/1207036" }, { "category": "external", "summary": "SUSE Bug 1207125 for CVE-2023-23455", "url": "https://bugzilla.suse.com/1207125" }, { "category": "external", "summary": "SUSE Bug 1207189 for CVE-2023-23455", "url": "https://bugzilla.suse.com/1207189" }, { "category": "external", "summary": "SUSE Bug 1211833 for CVE-2023-23455", "url": "https://bugzilla.suse.com/1211833" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": 
"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "important" } ], "title": "CVE-2023-23455" }, { "cve": "CVE-2023-28328", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-28328" } ], "notes": [ { "category": "general", "text": "A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. 
This flaw allows a local user to crash the system or potentially cause a denial of service.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-28328", "url": "https://www.suse.com/security/cve/CVE-2023-28328" }, { "category": "external", "summary": "SUSE Bug 1209291 for CVE-2023-28328", "url": "https://bugzilla.suse.com/1209291" }, { "category": "external", "summary": "SUSE Bug 1222212 for CVE-2023-28328", "url": "https://bugzilla.suse.com/1222212" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 
SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 
12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "moderate" } ], "title": "CVE-2023-28328" }, { "cve": "CVE-2023-28464", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-28464" } ], "notes": [ { "category": "general", "text": "hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": 
[ { "category": "external", "summary": "CVE-2023-28464", "url": "https://www.suse.com/security/cve/CVE-2023-28464" }, { "category": "external", "summary": "SUSE Bug 1209052 for CVE-2023-28464", "url": "https://bugzilla.suse.com/1209052" }, { "category": "external", "summary": "SUSE Bug 1211111 for CVE-2023-28464", "url": "https://bugzilla.suse.com/1211111" }, { "category": "external", "summary": "SUSE Bug 1220130 for CVE-2023-28464", "url": "https://bugzilla.suse.com/1220130" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 
SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "important" } ], "title": "CVE-2023-28464" }, { "cve": "CVE-2023-28772", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-28772" } ], "notes": [ { "category": "general", "text": "An issue was discovered in the Linux kernel before 5.13.3. 
lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-28772", "url": "https://www.suse.com/security/cve/CVE-2023-28772" }, { "category": "external", "summary": "SUSE Bug 1209549 for CVE-2023-28772", "url": "https://bugzilla.suse.com/1209549" }, { "category": "external", "summary": "SUSE Bug 1211110 for CVE-2023-28772", "url": "https://bugzilla.suse.com/1211110" }, { "category": "external", "summary": "SUSE Bug 1214378 for CVE-2023-28772", "url": "https://bugzilla.suse.com/1214378" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Server 12 
SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 
SP5:kernel-azure-devel-4.12.14-16.130.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.130.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.130.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2023-04-10T08:26:05Z", "details": "important" } ], "title": "CVE-2023-28772" } ] }
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.