suse-su-2024:0113-1
Vulnerability from csaf_suse
Published
2024-01-16 12:29
Modified
2024-01-16 12:29
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).
- CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft table is deleted (bsc#1202095).
- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).
- CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237).
- CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component that could lead to local privilege escalation. (bsc#1218258).
- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
- CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's ipv4: igmp component that could lead to local privilege escalation (bsc#1218253).
- CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP subsystem that could lead to information leak (bsc#1217250).
The following non-security bugs were fixed:
- Fix termination state for idr_for_each_entry_ul() (bsc#1109837).
- Input: powermate - fix use-after-free in powermate_config_complete (git-fixes).
- KVM: s390/mm: Properly reset no-dat (git-fixes bsc#1218057).
- KVM: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217936).
- Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).
- PCI: Disable ATS for specific Intel IPU E2000 devices (bsc#1218622).
- Resolve build warnings from previous series due to missing commit for Ice Lake freerunning counters perf/x86/intel/uncore: Add box_offsets for free-running counters (jsc#PED-5023 bsc#1211439).
- Revert 'Limit kernel-source-azure build to architectures for which we build binaries (bsc#1108281).'
- bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes).
- bcache: Remove unnecessary NULL point check in node allocations (git-fixes).
- bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes).
- bcache: check return value from btree_node_alloc_replacement() (git-fixes).
- bcache: prevent potential division by zero error (git-fixes).
- bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes).
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
- dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes).
- dm cache: add cond_resched() to various workqueue loops (git-fixes).
- dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
- dm flakey: do not corrupt the zero page (git-fixes).
- dm flakey: fix a crash with invalid table line (git-fixes).
- dm flakey: fix logic when corrupting a bio (git-fixes).
- dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes).
- dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-fixes).
- dm stats: check for and propagate alloc_percpu failure (git-fixes).
- dm thin: add cond_resched() to various workqueue loops (git-fixes).
- dm verity: do not perform FEC for failed readahead IO (git-fixes).
- dm verity: fix error handling for check_at_most_once on FEC (git-fixes).
- dm verity: skip redundant verity_handle_err() on I/O errors (git-fixes).
- dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata() (git-fixes).
- dm-verity: align struct dm_verity_fec_io properly (git-fixes).
- dm: remove flush_scheduled_work() during local_exit() (git-fixes).
- doc/README.SUSE: Add how to update the config for module signing (jsc#PED-5021)
- doc/README.SUSE: Remove how to build modules using kernel-source (jsc#PED-5021)
- doc/README.SUSE: Simplify the list of references (jsc#PED-5021)
- gve: Add XDP DROP and TX support for GQI-QPL format (bsc#1214479).
- gve: Add XDP REDIRECT support for GQI-QPL format (bsc#1214479).
- gve: Changes to add new TX queues (bsc#1214479).
- gve: Control path for DQO-QPL (bsc#1214479).
- gve: Do not fully free QPL pages on prefill errors (bsc#1214479).
- gve: Fix gve interrupt names (bsc#1214479).
- gve: Fixes for napi_poll when budget is 0 (bsc#1214479).
- gve: RX path for DQO-QPL (bsc#1214479).
- gve: Set default duplex configuration to full (bsc#1214479).
- gve: Tx path for DQO-QPL (bsc#1214479).
- gve: Unify duplicate GQ min pkt desc size constants (bsc#1214479).
- gve: XDP support GQI-QPL: helper function changes (bsc#1214479).
- gve: fix frag_list chaining (bsc#1214479).
- gve: trivial spell fix Recive to Receive (bsc#1214479).
- gve: unify driver name usage (bsc#1214479).
- ip6_gre: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).
- ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).
- ip6_vti: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).
- ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
- ipv6: remove extra dev_hold() for fallback tunnels (git-fixes).
- md/raid0: add discard support for the 'original' layout (git-fixes).
- md/raid1: fix error: ISO C90 forbids mixed declarations (git-fixes).
- md/raid1: free the r1bio before waiting for blocked rdev (git-fixes).
- md/raid1: hold the barrier until handle_read_error() finishes (git-fixes).
- md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (git-fixes).
- md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes).
- md: restore 'noio_flag' for the last mddev_resume() (git-fixes).
- mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When MULTIBUILD option in config.sh is enabled generate a _multibuild file listing all spec files.
- nbd: Add the maximum limit of allocated index in nbd_dev_add (git-fixes).
- nbd: Fix debugfs_create_dir error checking (git-fixes).
- net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
- net/tg3: resolve deadlock in tg3_reset_task() during EEH (bsc#1217801).
- net: dsa: mv88e6xxx: Fix 88E6141/6341 2500mbps SERDES speed (git-fixes).
- net: ethernet: ti: cpsw: unsync mcast entries while switch promisc mode (git-fixes).
- net: macb: disable scatter-gather for macb on sama5d3 (git-fixes).
- net: stmmac: Move debugfs init/exit to ->probe()/->remove() (git-fixes).
- net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-fixes).
- net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes).
- net: usb: smsc95xx: Fix an error code in smsc95xx_reset() (git-fixes).
- net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg (git-fixes).
- netfilter: compat: prepare xt_compat_init_offsets to return errors (git-fixes).
- netfilter: compat: reject huge allocation requests (git-fixes).
- netfilter: ebtables: also count base chain policies (git-fixes).
- netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present (git-fixes).
- netfilter: ebtables: do not attempt to allocate 0-sized compat array (git-fixes).
- netfilter: nf_tables: fix use-after-free when deleting compat expressions (git-fixes).
- netfilter: nft_compat: use-after-free when deleting targets (git-fixes).
- netfilter: preserve KABI for xt_compat_init_offsets (git-fixes).
- nvme: sanitize metadata bounce buffer for reads (git-fixes).
- perf/x86/cstate: Add Rocket Lake CPU support (jsc#PED-5023 bsc#1211439).
- perf/x86/cstate: Add Tiger Lake CPU support (jsc#PED-5023 bsc#1211439).
- perf/x86/cstate: Update C-state counters for Ice Lake (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Add Comet Lake support (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Add IMC uncore support for Snow Ridge (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Add Ice Lake server uncore support (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Add Rocket Lake support (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Add new IMC PCI IDs for KabyLake, AmberLake and WhiskeyLake CPUs (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Add tabs to Uncore IMC PCI IDs (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Add uncore support for Snow Ridge server (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Clean up client IMC (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Factor out __snr_uncore_mmio_init_box (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Factor out box ref/unref functions (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix IIO event constraints for Snowridge (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix Intel ICX IIO event constraints (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix M2M event umask for Ice Lake server (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of a u32 (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix missing marker for snr_uncore_imc_freerunning_events (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix oops when counting IMC uncore events on some TGL (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix reference count leak in __uncore_imc_init_box() (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Fix the scale of the IMC free-running events (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Split the Ice Lake and Tiger Lake MSR uncore support (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Support MMIO type uncore blocks (jsc#PED-5023 bsc#1211439).
- perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server (jsc#PED-5023 bsc#1211439 (git-fixes)).
- perf/x86/intel/uncore: Update Ice Lake uncore units (jsc#PED-5023 bsc#1211439).
- perf/x86/intel: Add Icelake desktop CPUID (jsc#PED-5023 bsc#1211439).
- perf/x86/intel: Add Rocket Lake CPU support (jsc#PED-5023 bsc#1211439).
- perf/x86/intel: Add Tiger Lake CPU support (jsc#PED-5023 bsc#1211439).
- perf/x86/intel: Add more Icelake CPUIDs (jsc#PED-5023 bsc#1211439).
- perf/x86/intel: Fix Ice Lake event constraint table (jsc#PED-5023 bsc#1211439).
- perf/x86/intel: Fix invalid Bit 13 for Icelake MSR_OFFCORE_RSP_x register (jsc#PED-5023 bsc#1211439).
- perf/x86/intel: Mark expected switch fall-throughs (jsc#PED-5023 bsc#1211439).
- perf/x86/msr: Add Comet Lake CPU support (jsc#PED-5023 bsc#1211439).
- perf/x86/msr: Add Rocket Lake CPU support (jsc#PED-5023 bsc#1211439).
- perf/x86/msr: Add Tiger Lake CPU support (jsc#PED-5023 bsc#1211439).
- perf/x86/msr: Add new CPU model numbers for Ice Lake (jsc#PED-5023 bsc#1211439).
- perf/x86/rapl: Add Ice Lake RAPL support (jsc#PED-5023 bsc#1211439).
- perf/x86: Add Intel Ice Lake NNPI uncore support (jsc#PED-5023 bsc#1211439).
- perf/x86: Add Intel Tiger Lake uncore support (jsc#PED-5023 bsc#1211439).
- r8152: Add RTL8152_INACCESSIBLE checks to more loops (git-fixes).
- r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes).
- r8152: Cancel hw_phy_work if we have an error in probe (git-fixes).
- r8152: Increase USB control msg timeout to 5000ms as per spec (git-fixes).
- r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (git-fixes).
- r8152: Run the unload routine if we have errors during probe (git-fixes).
- rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails (git-fixes).
- ring-buffer: Fix memory leak of free page (git-fixes).
- s390/vx: fix save/restore of fpu kernel context (git-fixes bsc#1218362).
- sit: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).
- tcp: fix under-evaluated ssthresh in TCP Vegas (git-fixes).
- tracing: Always update snapshot buffer size (git-fixes).
- tracing: Disable snapshot buffer when stopping instance tracers (git-fixes).
- tracing: Fix a possible race when disabling buffered events (bsc#1217036).
- tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
- tracing: Fix incomplete locking when disabling buffered events (bsc#1217036).
- tracing: Fix warning in trace_buffered_event_disable() (git-fixes, bsc#1217036).
- tracing: Stop current tracer when resizing buffer (git-fixes).
- tracing: Update snapshot buffer on resize if it is allocated (git-fixes).
- tracing: relax trace_event_eval_update() execution with cond_resched() (git-fixes).
- usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (git-fixes).
- x86/cpu: Add Comet Lake to the Intel CPU models header (jsc#PED-5023 bsc#1211439).
- x86/cpu: Add Ice Lake NNPI to Intel family (jsc#PED-5023 bsc#1211439).
- x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family (jsc#PED-5023 bsc#1211439).
- x86/cpu: Add Sapphire Rapids CPU model number (jsc#PED-5023 bsc#1211439).
- x86/cpu: Add Tiger Lake to Intel family (jsc#PED-5023 bsc#1211439).
- xfrm6: fix inet6_dev refcount underflow problem (git-fixes).
- xfrm: reuse uncached_list to track xdsts (git-fixes).
- xhci: Clear EHB bit only at end of interrupt handler (git-fixes).
- xsk: Fix incorrect netdev reference count (git-fixes).
Patchnames
SUSE-2024-113,SUSE-SLE-SERVER-12-SP5-2024-113
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).\n- CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft table is deleted (bsc#1202095).\n- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).\n- CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237).\n- CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component that could lead to local privilege escalation. (bsc#1218258).\n- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).\n- CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component that could lead to local privilege escalation (bsc#1218253).\n- CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP subsystem that could lead to information leak (bsc#1217250).\n\nThe following non-security bugs were fixed:\n\n- Fix termination state for idr_for_each_entry_ul() (bsc#1109837).\n- Input: powermate - fix use-after-free in powermate_config_complete (git-fixes).\n- KVM: s390/mm: Properly reset no-dat (git-fixes bsc#1218057).\n- KVM: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217936).\n- Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).\n- PCI: Disable ATS for specific Intel IPU E2000 devices (bsc#1218622).\n- Resolve build warnings from previous series due to missing commit for Ice Lake freerunning counters perf/x86/intel/uncore: Add box_offsets for free-running counters (jsc#PED-5023 bsc#1211439).\n- Revert \u0027Limit kernel-source-azure build to architectures for which we build binaries (bsc#1108281).\u0027\n- bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes).\n- bcache: Remove unnecessary NULL point check in node allocations (git-fixes).\n- bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes).\n- bcache: check return value from btree_node_alloc_replacement() (git-fixes).\n- bcache: prevent potential division by zero error (git-fixes).\n- bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes).\n- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).\n- dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes).\n- dm cache: add cond_resched() to various workqueue loops (git-fixes).\n- dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).\n- dm flakey: do not corrupt the zero page (git-fixes).\n- dm flakey: fix a crash with invalid table line (git-fixes).\n- dm flakey: fix logic when corrupting a bio (git-fixes).\n- dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes).\n- dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-fixes).\n- dm stats: check for and propagate alloc_percpu failure (git-fixes).\n- dm thin: add cond_resched() to various workqueue loops (git-fixes).\n- dm verity: do not perform FEC for failed readahead IO (git-fixes).\n- dm verity: fix error handling for check_at_most_once on FEC (git-fixes).\n- dm verity: skip redundant verity_handle_err() on I/O errors (git-fixes).\n- dm-integrity: do not modify bio\u0027s immutable bio_vec in integrity_metadata() (git-fixes).\n- dm-verity: align struct dm_verity_fec_io properly (git-fixes).\n- dm: remove flush_scheduled_work() during local_exit() (git-fixes).\n- doc/README.SUSE: Add how to update the config for module signing (jsc#PED-5021)\n- doc/README.SUSE: Remove how to build modules using kernel-source (jsc#PED-5021)\n- doc/README.SUSE: Simplify the list of references (jsc#PED-5021)\n- gve: Add XDP DROP and TX support for GQI-QPL format (bsc#1214479).\n- gve: Add XDP REDIRECT support for GQI-QPL format (bsc#1214479).\n- gve: Changes to add new TX queues (bsc#1214479).\n- gve: Control path for DQO-QPL (bsc#1214479).\n- gve: Do not fully free QPL pages on prefill errors (bsc#1214479).\n- gve: Fix gve interrupt names (bsc#1214479).\n- gve: Fixes for napi_poll when budget is 0 (bsc#1214479).\n- gve: RX path for DQO-QPL (bsc#1214479).\n- gve: Set default duplex configuration to full (bsc#1214479).\n- gve: Tx path for DQO-QPL (bsc#1214479).\n- gve: Unify duplicate GQ min pkt desc size constants (bsc#1214479).\n- gve: XDP support GQI-QPL: helper function changes (bsc#1214479).\n- gve: fix frag_list chaining (bsc#1214479).\n- gve: trivial spell fix Recive to Receive (bsc#1214479).\n- gve: unify driver name usage (bsc#1214479).\n- ip6_gre: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).\n- ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).\n- ip6_vti: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).\n- ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).\n- ipv6: remove extra dev_hold() for fallback tunnels (git-fixes).\n- md/raid0: add discard support for the \u0027original\u0027 layout (git-fixes).\n- md/raid1: fix error: ISO C90 forbids mixed declarations (git-fixes).\n- md/raid1: free the r1bio before waiting for blocked rdev (git-fixes).\n- md/raid1: hold the barrier until handle_read_error() finishes (git-fixes).\n- md: do not leave \u0027MD_RECOVERY_FROZEN\u0027 in error path of md_set_readonly() (git-fixes).\n- md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes).\n- md: restore \u0027noio_flag\u0027 for the last mddev_resume() (git-fixes).\n- mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When MULTIBUILD option in config.sh is enabled generate a _multibuild file listing all spec files.\n- nbd: Add the maximum limit of allocated index in nbd_dev_add (git-fixes).\n- nbd: Fix debugfs_create_dir error checking (git-fixes).\n- net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).\n- net/tg3: resolve deadlock in tg3_reset_task() during EEH (bsc#1217801).\n- net: dsa: mv88e6xxx: Fix 88E6141/6341 2500mbps SERDES speed (git-fixes).\n- net: ethernet: ti: cpsw: unsync mcast entries while switch promisc mode (git-fixes).\n- net: macb: disable scatter-gather for macb on sama5d3 (git-fixes).\n- net: stmmac: Move debugfs init/exit to -\u003eprobe()/-\u003eremove() (git-fixes).\n- net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-fixes).\n- net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes).\n- net: usb: smsc95xx: Fix an error code in smsc95xx_reset() (git-fixes).\n- net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg (git-fixes).\n- netfilter: compat: prepare xt_compat_init_offsets to return errors (git-fixes).\n- netfilter: compat: reject huge allocation requests (git-fixes).\n- netfilter: ebtables: also count base chain policies (git-fixes).\n- netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present (git-fixes).\n- netfilter: ebtables: do not attempt to allocate 0-sized compat array (git-fixes).\n- netfilter: nf_tables: fix use-after-free when deleting compat expressions (git-fixes).\n- netfilter: nft_compat: use-after-free when deleting targets (git-fixes).\n- netfilter: preserve KABI for xt_compat_init_offsets (git-fixes).\n- nvme: sanitize metadata bounce buffer for reads (git-fixes).\n- perf/x86/cstate: Add Rocket Lake CPU support (jsc#PED-5023 bsc#1211439).\n- perf/x86/cstate: Add Tiger Lake CPU support (jsc#PED-5023 bsc#1211439).\n- perf/x86/cstate: Update C-state counters for Ice Lake (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Add Comet Lake support (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Add IMC uncore support for Snow Ridge (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Add Ice Lake server uncore support (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Add Rocket Lake support (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Add new IMC PCI IDs for KabyLake, AmberLake and WhiskeyLake CPUs (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Add tabs to Uncore IMC PCI IDs (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Add uncore support for Snow Ridge server (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Clean up client IMC (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Factor out __snr_uncore_mmio_init_box (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Factor out box ref/unref functions (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix IIO event constraints for Snowridge (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix Intel ICX IIO event constraints (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix M2M event umask for Ice Lake server (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of a u32 (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix missing marker for snr_uncore_imc_freerunning_events (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix oops when counting IMC uncore events on some TGL (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix reference count leak in __uncore_imc_init_box() (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Fix the scale of the IMC free-running events (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Split the Ice Lake and Tiger Lake MSR uncore support (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Support MMIO type uncore blocks (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server (jsc#PED-5023 bsc#1211439 (git-fixes)).\n- perf/x86/intel/uncore: Update Ice Lake uncore units (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel: Add Icelake desktop CPUID (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel: Add Rocket Lake CPU support (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel: Add Tiger Lake CPU support (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel: Add more Icelake CPUIDs (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel: Fix Ice Lake event constraint table (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel: Fix invalid Bit 13 for Icelake MSR_OFFCORE_RSP_x register (jsc#PED-5023 bsc#1211439).\n- perf/x86/intel: Mark expected switch fall-throughs (jsc#PED-5023 bsc#1211439).\n- perf/x86/msr: Add Comet Lake CPU support (jsc#PED-5023 bsc#1211439).\n- perf/x86/msr: Add Rocket Lake CPU support (jsc#PED-5023 bsc#1211439).\n- perf/x86/msr: Add Tiger Lake CPU support (jsc#PED-5023 bsc#1211439).\n- perf/x86/msr: Add new CPU model numbers for Ice Lake (jsc#PED-5023 bsc#1211439).\n- perf/x86/rapl: Add Ice Lake RAPL support (jsc#PED-5023 bsc#1211439).\n- perf/x86: Add Intel Ice Lake NNPI uncore support (jsc#PED-5023 bsc#1211439).\n- perf/x86: Add Intel Tiger Lake uncore support (jsc#PED-5023 bsc#1211439).\n- r8152: Add RTL8152_INACCESSIBLE checks to more loops (git-fixes).\n- r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes).\n- r8152: Cancel hw_phy_work if we have an error in probe (git-fixes).\n- r8152: Increase USB control msg timeout to 5000ms as per spec (git-fixes).\n- r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (git-fixes).\n- r8152: Run the unload routine if we have errors during probe (git-fixes).\n- rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails (git-fixes).\n- ring-buffer: Fix memory leak of free page (git-fixes).\n- s390/vx: fix save/restore of fpu kernel context (git-fixes bsc#1218362).\n- sit: proper dev_{hold|put} in ndo_[un]init methods (git-fixes).\n- tcp: fix under-evaluated ssthresh in TCP Vegas (git-fixes).\n- tracing: Always update snapshot buffer size (git-fixes).\n- tracing: Disable snapshot buffer when stopping instance tracers (git-fixes).\n- tracing: Fix a possible race when disabling buffered events (bsc#1217036).\n- tracing: Fix a warning when allocating buffered events fails (bsc#1217036).\n- tracing: Fix incomplete locking when disabling buffered events (bsc#1217036).\n- tracing: Fix warning in trace_buffered_event_disable() (git-fixes, bsc#1217036).\n- tracing: Stop current tracer when resizing buffer (git-fixes).\n- tracing: Update snapshot buffer on resize if it is allocated (git-fixes).\n- tracing: relax trace_event_eval_update() execution with cond_resched() (git-fixes).\n- usb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027 (git-fixes).\n- x86/cpu: Add Comet Lake to the Intel CPU models header (jsc#PED-5023 bsc#1211439).\n- x86/cpu: Add Ice Lake NNPI to Intel family (jsc#PED-5023 bsc#1211439).\n- x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family (jsc#PED-5023 bsc#1211439).\n- x86/cpu: Add Sapphire Rapids CPU model number (jsc#PED-5023 bsc#1211439).\n- x86/cpu: Add Tiger Lake to Intel family (jsc#PED-5023 bsc#1211439).\n- xfrm6: fix inet6_dev refcount underflow problem (git-fixes).\n- xfrm: reuse uncached_list to track xdsts (git-fixes).\n- xhci: Clear EHB bit only at end of interrupt handler (git-fixes).\n- xsk: Fix incorrect netdev reference count (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-113,SUSE-SLE-SERVER-12-SP5-2024-113",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0113-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:0113-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240113-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:0113-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017671.html"
},
{
"category": "self",
"summary": "SUSE Bug 1108281",
"url": "https://bugzilla.suse.com/1108281"
},
{
"category": "self",
"summary": "SUSE Bug 1109837",
"url": "https://bugzilla.suse.com/1109837"
},
{
"category": "self",
"summary": "SUSE Bug 1179610",
"url": "https://bugzilla.suse.com/1179610"
},
{
"category": "self",
"summary": "SUSE Bug 1202095",
"url": "https://bugzilla.suse.com/1202095"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1211439",
"url": "https://bugzilla.suse.com/1211439"
},
{
"category": "self",
"summary": "SUSE Bug 1214479",
"url": "https://bugzilla.suse.com/1214479"
},
{
"category": "self",
"summary": "SUSE Bug 1215237",
"url": "https://bugzilla.suse.com/1215237"
},
{
"category": "self",
"summary": "SUSE Bug 1217036",
"url": "https://bugzilla.suse.com/1217036"
},
{
"category": "self",
"summary": "SUSE Bug 1217250",
"url": "https://bugzilla.suse.com/1217250"
},
{
"category": "self",
"summary": "SUSE Bug 1217801",
"url": "https://bugzilla.suse.com/1217801"
},
{
"category": "self",
"summary": "SUSE Bug 1217936",
"url": "https://bugzilla.suse.com/1217936"
},
{
"category": "self",
"summary": "SUSE Bug 1217946",
"url": "https://bugzilla.suse.com/1217946"
},
{
"category": "self",
"summary": "SUSE Bug 1217947",
"url": "https://bugzilla.suse.com/1217947"
},
{
"category": "self",
"summary": "SUSE Bug 1218057",
"url": "https://bugzilla.suse.com/1218057"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1218253",
"url": "https://bugzilla.suse.com/1218253"
},
{
"category": "self",
"summary": "SUSE Bug 1218258",
"url": "https://bugzilla.suse.com/1218258"
},
{
"category": "self",
"summary": "SUSE Bug 1218362",
"url": "https://bugzilla.suse.com/1218362"
},
{
"category": "self",
"summary": "SUSE Bug 1218559",
"url": "https://bugzilla.suse.com/1218559"
},
{
"category": "self",
"summary": "SUSE Bug 1218622",
"url": "https://bugzilla.suse.com/1218622"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-26555 page",
"url": "https://www.suse.com/security/cve/CVE-2020-26555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51779 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6121 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6606 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6610 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6931 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6932 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6932/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-01-16T12:29:32Z",
"generator": {
"date": "2024-01-16T12:29:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:0113-1",
"initial_release_date": "2024-01-16T12:29:32Z",
"revision_history": [
{
"date": "2024-01-16T12:29:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.163.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.163.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.163.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.163.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.163.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.163.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.163.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.163.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.163.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.163.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.163.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.163.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.163.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.163.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.163.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.163.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.163.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.163.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.163.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.163.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.163.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.163.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.163.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.163.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.163.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.163.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.163.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.163.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.163.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.163.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.163.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.163.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.163.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.163.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.163.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.163.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.163.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.163.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.163.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.163.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.163.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.163.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.163.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.163.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.163.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.163.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.163.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.163.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.163.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.163.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.163.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.163.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.163.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.163.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-26555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-26555"
}
],
"notes": [
{
"category": "general",
"text": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-26555",
"url": "https://www.suse.com/security/cve/CVE-2020-26555"
},
{
"category": "external",
"summary": "SUSE Bug 1179610 for CVE-2020-26555",
"url": "https://bugzilla.suse.com/1179610"
},
{
"category": "external",
"summary": "SUSE Bug 1215237 for CVE-2020-26555",
"url": "https://bugzilla.suse.com/1215237"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2020-26555",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-16T12:29:32Z",
"details": "moderate"
}
],
"title": "CVE-2020-26555"
},
{
"cve": "CVE-2022-2586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2586"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2586",
"url": "https://www.suse.com/security/cve/CVE-2022-2586"
},
{
"category": "external",
"summary": "SUSE Bug 1202095 for CVE-2022-2586",
"url": "https://bugzilla.suse.com/1202095"
},
{
"category": "external",
"summary": "SUSE Bug 1209719 for CVE-2022-2586",
"url": "https://bugzilla.suse.com/1209719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-16T12:29:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-2586"
},
{
"cve": "CVE-2023-51779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51779"
}
],
"notes": [
{
"category": "general",
"text": "bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51779",
"url": "https://www.suse.com/security/cve/CVE-2023-51779"
},
{
"category": "external",
"summary": "SUSE Bug 1218559 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1218559"
},
{
"category": "external",
"summary": "SUSE Bug 1218610 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1218610"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1220015"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-51779",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-16T12:29:32Z",
"details": "important"
}
],
"title": "CVE-2023-51779"
},
{
"cve": "CVE-2023-6121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6121"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6121",
"url": "https://www.suse.com/security/cve/CVE-2023-6121"
},
{
"category": "external",
"summary": "SUSE Bug 1217250 for CVE-2023-6121",
"url": "https://bugzilla.suse.com/1217250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-16T12:29:32Z",
"details": "moderate"
}
],
"title": "CVE-2023-6121"
},
{
"cve": "CVE-2023-6606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6606"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6606",
"url": "https://www.suse.com/security/cve/CVE-2023-6606"
},
{
"category": "external",
"summary": "SUSE Bug 1217947 for CVE-2023-6606",
"url": "https://bugzilla.suse.com/1217947"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-6606",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-16T12:29:32Z",
"details": "moderate"
}
],
"title": "CVE-2023-6606"
},
{
"cve": "CVE-2023-6610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6610"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6610",
"url": "https://www.suse.com/security/cve/CVE-2023-6610"
},
{
"category": "external",
"summary": "SUSE Bug 1217946 for CVE-2023-6610",
"url": "https://bugzilla.suse.com/1217946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-16T12:29:32Z",
"details": "moderate"
}
],
"title": "CVE-2023-6610"
},
{
"cve": "CVE-2023-6931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6931"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6931",
"url": "https://www.suse.com/security/cve/CVE-2023-6931"
},
{
"category": "external",
"summary": "SUSE Bug 1214158 for CVE-2023-6931",
"url": "https://bugzilla.suse.com/1214158"
},
{
"category": "external",
"summary": "SUSE Bug 1218258 for CVE-2023-6931",
"url": "https://bugzilla.suse.com/1218258"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-6931",
"url": "https://bugzilla.suse.com/1220191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-16T12:29:32Z",
"details": "important"
}
],
"title": "CVE-2023-6931"
},
{
"cve": "CVE-2023-6932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6932"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6932",
"url": "https://www.suse.com/security/cve/CVE-2023-6932"
},
{
"category": "external",
"summary": "SUSE Bug 1218253 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1218253"
},
{
"category": "external",
"summary": "SUSE Bug 1218255 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1218255"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1220015"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6932",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.163.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.163.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.163.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-01-16T12:29:32Z",
"details": "important"
}
],
"title": "CVE-2023-6932"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…