suse-su-2024:1669-1
Vulnerability from csaf_suse
Published
2024-05-16 08:50
Modified
2024-05-16 08:50
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).
- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).
- CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219295).
- CVE-2021-46932: Initialized work before appletouch device registration (bsc#1220444).
- CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
- CVE-2023-52475: Fixed a use-after-free in powermate_config_complete() (bsc#1220649).
- CVE-2023-52445: Fixed a use-after-free on context disconnection in pvrusb2 (bsc#1220241).
- CVE-2023-52429: Limited the number of targets and parameter size area for device mapper (bsc#1219146).
- CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl() related to a vcc_recvmsg race condition (bsc#1218730).
- CVE-2023-51782: Fixed a use-after-free in rose_ioctl() related to a rose_accept race condition (bsc#1218757).
- CVE-2023-31083: Fixed a NULL pointer dereference in hci_uart_tty_ioctl() (bsc#1210780).
The following non-security bugs were fixed:
- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
- x86/bugs: Add asm helpers for executing VERW (bsc#1213456).
- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes).
- x86/entry_32: Add VERW just before userspace transition (git-fixes).
- x86/entry_64: Add VERW just before userspace transition (git-fixes).
Patchnames
SUSE-2024-1669,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-1669
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).\n- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).\n- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).\n- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).\n- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).\n- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).\n- CVE-2023-52340: Fixed a denial of service related to ICMPv6 \u0027Packet Too Big\u0027 packets (bsc#1219295).\n- CVE-2021-46932: Initialized work before appletouch device registration (bsc#1220444).\n- CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).\n- CVE-2023-52475: Fixed a use-after-free in powermate_config_complete() (bsc#1220649).\n- CVE-2023-52445: Fixed a use-after-free on context disconnection in pvrusb2 (bsc#1220241).\n- CVE-2023-52429: Limited the number of targets and parameter size area for device mapper (bsc#1219146).\n- CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl() related to a vcc_recvmsg race condition (bsc#1218730).\n- CVE-2023-51782: Fixed a use-after-free in rose_ioctl() related to a rose_accept race condition (bsc#1218757).\n- CVE-2023-31083: Fixed a NULL pointer dereference in hci_uart_tty_ioctl() (bsc#1210780).\n\nThe following non-security bugs were fixed:\n\n- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).\n- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).\n- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).\n- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).\n- x86/bugs: Add asm helpers for executing VERW (bsc#1213456).\n- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes).\n- x86/entry_32: Add VERW just before userspace transition (git-fixes).\n- x86/entry_64: Add VERW just before userspace transition (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1669,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-1669",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1669-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1669-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241669-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1669-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019269.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210780",
"url": "https://bugzilla.suse.com/1210780"
},
{
"category": "self",
"summary": "SUSE Bug 1213456",
"url": "https://bugzilla.suse.com/1213456"
},
{
"category": "self",
"summary": "SUSE Bug 1218220",
"url": "https://bugzilla.suse.com/1218220"
},
{
"category": "self",
"summary": "SUSE Bug 1218562",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "self",
"summary": "SUSE Bug 1218730",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "self",
"summary": "SUSE Bug 1218757",
"url": "https://bugzilla.suse.com/1218757"
},
{
"category": "self",
"summary": "SUSE Bug 1219146",
"url": "https://bugzilla.suse.com/1219146"
},
{
"category": "self",
"summary": "SUSE Bug 1219295",
"url": "https://bugzilla.suse.com/1219295"
},
{
"category": "self",
"summary": "SUSE Bug 1219827",
"url": "https://bugzilla.suse.com/1219827"
},
{
"category": "self",
"summary": "SUSE Bug 1220191",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "self",
"summary": "SUSE Bug 1220238",
"url": "https://bugzilla.suse.com/1220238"
},
{
"category": "self",
"summary": "SUSE Bug 1220241",
"url": "https://bugzilla.suse.com/1220241"
},
{
"category": "self",
"summary": "SUSE Bug 1220416",
"url": "https://bugzilla.suse.com/1220416"
},
{
"category": "self",
"summary": "SUSE Bug 1220418",
"url": "https://bugzilla.suse.com/1220418"
},
{
"category": "self",
"summary": "SUSE Bug 1220444",
"url": "https://bugzilla.suse.com/1220444"
},
{
"category": "self",
"summary": "SUSE Bug 1220649",
"url": "https://bugzilla.suse.com/1220649"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221088",
"url": "https://bugzilla.suse.com/1221088"
},
{
"category": "self",
"summary": "SUSE Bug 1221578",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "self",
"summary": "SUSE Bug 1221598",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "self",
"summary": "SUSE Bug 1222585",
"url": "https://bugzilla.suse.com/1222585"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1223016",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "self",
"summary": "SUSE Bug 1223824",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46904 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46905 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46932 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48619 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28746 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31083 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51780 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51782 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52340 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52429 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52445 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52449 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52449/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52475 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6270 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23851 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27043 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27043/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-05-16T08:50:07Z",
"generator": {
"date": "2024-05-16T08:50:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1669-1",
"initial_release_date": "2024-05-16T08:50:07Z",
"revision_history": [
{
"date": "2024-05-16T08:50:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-debug-3.0.101-108.153.1.i586",
"product_id": "kernel-debug-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-debug-base-3.0.101-108.153.1.i586",
"product_id": "kernel-debug-base-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-debug-devel-3.0.101-108.153.1.i586",
"product_id": "kernel-debug-devel-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-debug-extra-3.0.101-108.153.1.i586",
"product_id": "kernel-debug-extra-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-hmac-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-debug-hmac-3.0.101-108.153.1.i586",
"product_id": "kernel-debug-hmac-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-default-3.0.101-108.153.1.i586",
"product_id": "kernel-default-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-default-base-3.0.101-108.153.1.i586",
"product_id": "kernel-default-base-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-default-devel-3.0.101-108.153.1.i586",
"product_id": "kernel-default-devel-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-default-extra-3.0.101-108.153.1.i586",
"product_id": "kernel-default-extra-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-hmac-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-default-hmac-3.0.101-108.153.1.i586",
"product_id": "kernel-default-hmac-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-ec2-3.0.101-108.153.1.i586",
"product_id": "kernel-ec2-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-ec2-base-3.0.101-108.153.1.i586",
"product_id": "kernel-ec2-base-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.153.1.i586",
"product_id": "kernel-ec2-devel-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-ec2-extra-3.0.101-108.153.1.i586",
"product_id": "kernel-ec2-extra-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-hmac-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-ec2-hmac-3.0.101-108.153.1.i586",
"product_id": "kernel-ec2-hmac-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-pae-3.0.101-108.153.1.i586",
"product_id": "kernel-pae-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-base-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-pae-base-3.0.101-108.153.1.i586",
"product_id": "kernel-pae-base-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-devel-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-pae-devel-3.0.101-108.153.1.i586",
"product_id": "kernel-pae-devel-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-extra-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-pae-extra-3.0.101-108.153.1.i586",
"product_id": "kernel-pae-extra-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-hmac-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-pae-hmac-3.0.101-108.153.1.i586",
"product_id": "kernel-pae-hmac-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-source-3.0.101-108.153.1.i586",
"product_id": "kernel-source-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.153.1.i586",
"product_id": "kernel-source-vanilla-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-syms-3.0.101-108.153.1.i586",
"product_id": "kernel-syms-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-trace-3.0.101-108.153.1.i586",
"product_id": "kernel-trace-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-trace-base-3.0.101-108.153.1.i586",
"product_id": "kernel-trace-base-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-trace-devel-3.0.101-108.153.1.i586",
"product_id": "kernel-trace-devel-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-extra-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-trace-extra-3.0.101-108.153.1.i586",
"product_id": "kernel-trace-extra-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-hmac-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-trace-hmac-3.0.101-108.153.1.i586",
"product_id": "kernel-trace-hmac-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-vanilla-3.0.101-108.153.1.i586",
"product_id": "kernel-vanilla-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-vanilla-base-3.0.101-108.153.1.i586",
"product_id": "kernel-vanilla-base-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-vanilla-devel-3.0.101-108.153.1.i586",
"product_id": "kernel-vanilla-devel-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-hmac-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-vanilla-hmac-3.0.101-108.153.1.i586",
"product_id": "kernel-vanilla-hmac-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-xen-3.0.101-108.153.1.i586",
"product_id": "kernel-xen-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-xen-base-3.0.101-108.153.1.i586",
"product_id": "kernel-xen-base-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-xen-devel-3.0.101-108.153.1.i586",
"product_id": "kernel-xen-devel-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-extra-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-xen-extra-3.0.101-108.153.1.i586",
"product_id": "kernel-xen-extra-3.0.101-108.153.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-hmac-3.0.101-108.153.1.i586",
"product": {
"name": "kernel-xen-hmac-3.0.101-108.153.1.i586",
"product_id": "kernel-xen-hmac-3.0.101-108.153.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.153.1.ia64",
"product": {
"name": "kernel-source-3.0.101-108.153.1.ia64",
"product_id": "kernel-source-3.0.101-108.153.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.153.1.ia64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.153.1.ia64",
"product_id": "kernel-source-vanilla-3.0.101-108.153.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-docs-3.0.101-108.153.1.noarch",
"product": {
"name": "kernel-docs-3.0.101-108.153.1.noarch",
"product_id": "kernel-docs-3.0.101-108.153.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.153.1.ppc",
"product": {
"name": "kernel-source-3.0.101-108.153.1.ppc",
"product_id": "kernel-source-3.0.101-108.153.1.ppc"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.153.1.ppc",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.153.1.ppc",
"product_id": "kernel-source-vanilla-3.0.101-108.153.1.ppc"
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.153.1.ppc64",
"product": {
"name": "kernel-source-3.0.101-108.153.1.ppc64",
"product_id": "kernel-source-3.0.101-108.153.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.153.1.ppc64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.153.1.ppc64",
"product_id": "kernel-source-vanilla-3.0.101-108.153.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.153.1.s390",
"product": {
"name": "kernel-source-3.0.101-108.153.1.s390",
"product_id": "kernel-source-3.0.101-108.153.1.s390"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.153.1.s390",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.153.1.s390",
"product_id": "kernel-source-vanilla-3.0.101-108.153.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.153.1.s390x",
"product": {
"name": "kernel-source-3.0.101-108.153.1.s390x",
"product_id": "kernel-source-3.0.101-108.153.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.153.1.s390x",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.153.1.s390x",
"product_id": "kernel-source-vanilla-3.0.101-108.153.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-debug-3.0.101-108.153.1.x86_64",
"product_id": "kernel-debug-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-debug-base-3.0.101-108.153.1.x86_64",
"product_id": "kernel-debug-base-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-debug-devel-3.0.101-108.153.1.x86_64",
"product_id": "kernel-debug-devel-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-debug-extra-3.0.101-108.153.1.x86_64",
"product_id": "kernel-debug-extra-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-hmac-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-debug-hmac-3.0.101-108.153.1.x86_64",
"product_id": "kernel-debug-hmac-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-default-3.0.101-108.153.1.x86_64",
"product_id": "kernel-default-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-default-base-3.0.101-108.153.1.x86_64",
"product_id": "kernel-default-base-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-default-devel-3.0.101-108.153.1.x86_64",
"product_id": "kernel-default-devel-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-default-extra-3.0.101-108.153.1.x86_64",
"product_id": "kernel-default-extra-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-hmac-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-default-hmac-3.0.101-108.153.1.x86_64",
"product_id": "kernel-default-hmac-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-ec2-3.0.101-108.153.1.x86_64",
"product_id": "kernel-ec2-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-ec2-base-3.0.101-108.153.1.x86_64",
"product_id": "kernel-ec2-base-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"product_id": "kernel-ec2-devel-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.0.101-108.153.1.x86_64",
"product_id": "kernel-ec2-extra-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-hmac-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-ec2-hmac-3.0.101-108.153.1.x86_64",
"product_id": "kernel-ec2-hmac-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-source-3.0.101-108.153.1.x86_64",
"product_id": "kernel-source-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.153.1.x86_64",
"product_id": "kernel-source-vanilla-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-syms-3.0.101-108.153.1.x86_64",
"product_id": "kernel-syms-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-trace-3.0.101-108.153.1.x86_64",
"product_id": "kernel-trace-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-trace-base-3.0.101-108.153.1.x86_64",
"product_id": "kernel-trace-base-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-trace-devel-3.0.101-108.153.1.x86_64",
"product_id": "kernel-trace-devel-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-extra-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-trace-extra-3.0.101-108.153.1.x86_64",
"product_id": "kernel-trace-extra-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-hmac-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-trace-hmac-3.0.101-108.153.1.x86_64",
"product_id": "kernel-trace-hmac-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-vanilla-3.0.101-108.153.1.x86_64",
"product_id": "kernel-vanilla-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-vanilla-base-3.0.101-108.153.1.x86_64",
"product_id": "kernel-vanilla-base-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-3.0.101-108.153.1.x86_64",
"product_id": "kernel-vanilla-devel-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-hmac-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-vanilla-hmac-3.0.101-108.153.1.x86_64",
"product_id": "kernel-vanilla-hmac-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-xen-3.0.101-108.153.1.x86_64",
"product_id": "kernel-xen-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-xen-base-3.0.101-108.153.1.x86_64",
"product_id": "kernel-xen-base-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.0.101-108.153.1.x86_64",
"product_id": "kernel-xen-devel-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-extra-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-xen-extra-3.0.101-108.153.1.x86_64",
"product_id": "kernel-xen-extra-3.0.101-108.153.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-hmac-3.0.101-108.153.1.x86_64",
"product": {
"name": "kernel-xen-hmac-3.0.101-108.153.1.x86_64",
"product_id": "kernel-xen-hmac-3.0.101-108.153.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.153.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-108.153.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-46904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hso: fix null-ptr-deref during tty device unregistration\n\nMultiple ttys try to claim the same the minor number causing a double\nunregistration of the same device. The first unregistration succeeds\nbut the next one results in a null-ptr-deref.\n\nThe get_free_serial_index() function returns an available minor number\nbut doesn\u0027t assign it immediately. The assignment is done by the caller\nlater. But before this assignment, calls to get_free_serial_index()\nwould return the same minor number.\n\nFix this by modifying get_free_serial_index to assign the minor number\nimmediately after one is found to be and rename it to obtain_minor()\nto better reflect what it does. Similary, rename set_serial_by_index()\nto release_minor() and modify it to free up the minor number of the\ngiven hso_serial. Every obtain_minor() should have corresponding\nrelease_minor() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46904",
"url": "https://www.suse.com/security/cve/CVE-2021-46904"
},
{
"category": "external",
"summary": "SUSE Bug 1220416 for CVE-2021-46904",
"url": "https://bugzilla.suse.com/1220416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2021-46904"
},
{
"cve": "CVE-2021-46905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hso: fix NULL-deref on disconnect regression\n\nCommit 8a12f8836145 (\"net: hso: fix null-ptr-deref during tty device\nunregistration\") fixed the racy minor allocation reported by syzbot, but\nintroduced an unconditional NULL-pointer dereference on every disconnect\ninstead.\n\nSpecifically, the serial device table must no longer be accessed after\nthe minor has been released by hso_serial_tty_unregister().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46905",
"url": "https://www.suse.com/security/cve/CVE-2021-46905"
},
{
"category": "external",
"summary": "SUSE Bug 1220418 for CVE-2021-46905",
"url": "https://bugzilla.suse.com/1220418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2021-46905"
},
{
"cve": "CVE-2021-46932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: appletouch - initialize work before device registration\n\nSyzbot has reported warning in __flush_work(). This warning is caused by\nwork-\u003efunc == NULL, which means missing work initialization.\n\nThis may happen, since input_dev-\u003eclose() calls\ncancel_work_sync(\u0026dev-\u003ework), but dev-\u003ework initalization happens _after_\ninput_register_device() call.\n\nSo this patch moves dev-\u003ework initialization before registering input\ndevice",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46932",
"url": "https://www.suse.com/security/cve/CVE-2021-46932"
},
{
"category": "external",
"summary": "SUSE Bug 1220444 for CVE-2021-46932",
"url": "https://bugzilla.suse.com/1220444"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2021-46932"
},
{
"cve": "CVE-2022-48619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48619"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48619",
"url": "https://www.suse.com/security/cve/CVE-2022-48619"
},
{
"category": "external",
"summary": "SUSE Bug 1218220 for CVE-2022-48619",
"url": "https://bugzilla.suse.com/1218220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2022-48619"
},
{
"cve": "CVE-2023-28746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28746"
}
],
"notes": [
{
"category": "general",
"text": "Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28746",
"url": "https://www.suse.com/security/cve/CVE-2023-28746"
},
{
"category": "external",
"summary": "SUSE Bug 1213456 for CVE-2023-28746",
"url": "https://bugzilla.suse.com/1213456"
},
{
"category": "external",
"summary": "SUSE Bug 1221323 for CVE-2023-28746",
"url": "https://bugzilla.suse.com/1221323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-28746"
},
{
"cve": "CVE-2023-31083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31083"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu-\u003eproto is set. A NULL pointer dereference may occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31083",
"url": "https://www.suse.com/security/cve/CVE-2023-31083"
},
{
"category": "external",
"summary": "SUSE Bug 1210780 for CVE-2023-31083",
"url": "https://bugzilla.suse.com/1210780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-31083"
},
{
"cve": "CVE-2023-51780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51780"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51780",
"url": "https://www.suse.com/security/cve/CVE-2023-51780"
},
{
"category": "external",
"summary": "SUSE Bug 1218730 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "external",
"summary": "SUSE Bug 1218733 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218733"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "important"
}
],
"title": "CVE-2023-51780"
},
{
"cve": "CVE-2023-51782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51782"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51782",
"url": "https://www.suse.com/security/cve/CVE-2023-51782"
},
{
"category": "external",
"summary": "SUSE Bug 1218757 for CVE-2023-51782",
"url": "https://bugzilla.suse.com/1218757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-51782"
},
{
"cve": "CVE-2023-52340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52340"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52340",
"url": "https://www.suse.com/security/cve/CVE-2023-52340"
},
{
"category": "external",
"summary": "SUSE Bug 1219295 for CVE-2023-52340",
"url": "https://bugzilla.suse.com/1219295"
},
{
"category": "external",
"summary": "SUSE Bug 1219296 for CVE-2023-52340",
"url": "https://bugzilla.suse.com/1219296"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2023-52340",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2023-52340",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "important"
}
],
"title": "CVE-2023-52340"
},
{
"cve": "CVE-2023-52429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52429"
}
],
"notes": [
{
"category": "general",
"text": "dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52429",
"url": "https://www.suse.com/security/cve/CVE-2023-52429"
},
{
"category": "external",
"summary": "SUSE Bug 1219827 for CVE-2023-52429",
"url": "https://bugzilla.suse.com/1219827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-52429"
},
{
"cve": "CVE-2023-52445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pvrusb2: fix use after free on context disconnection\n\nUpon module load, a kthread is created targeting the\npvr2_context_thread_func function, which may call pvr2_context_destroy\nand thus call kfree() on the context object. However, that might happen\nbefore the usb hub_event handler is able to notify the driver. This\npatch adds a sanity check before the invalid read reported by syzbot,\nwithin the context disconnection call stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52445",
"url": "https://www.suse.com/security/cve/CVE-2023-52445"
},
{
"category": "external",
"summary": "SUSE Bug 1220241 for CVE-2023-52445",
"url": "https://bugzilla.suse.com/1220241"
},
{
"category": "external",
"summary": "SUSE Bug 1220315 for CVE-2023-52445",
"url": "https://bugzilla.suse.com/1220315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-52445"
},
{
"cve": "CVE-2023-52449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52449"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: Fix gluebi NULL pointer dereference caused by ftl notifier\n\nIf both ftl.ko and gluebi.ko are loaded, the notifier of ftl\ntriggers NULL pointer dereference when trying to access\n\u0027gluebi-\u003edesc\u0027 in gluebi_read().\n\nubi_gluebi_init\n ubi_register_volume_notifier\n ubi_enumerate_volumes\n ubi_notify_all\n gluebi_notify nb-\u003enotifier_call()\n gluebi_create\n mtd_device_register\n mtd_device_parse_register\n add_mtd_device\n blktrans_notify_add not-\u003eadd()\n ftl_add_mtd tr-\u003eadd_mtd()\n scan_header\n mtd_read\n mtd_read_oob\n mtd_read_oob_std\n gluebi_read mtd-\u003eread()\n gluebi-\u003edesc - NULL\n\nDetailed reproduction information available at the Link [1],\n\nIn the normal case, obtain gluebi-\u003edesc in the gluebi_get_device(),\nand access gluebi-\u003edesc in the gluebi_read(). However,\ngluebi_get_device() is not executed in advance in the\nftl_add_mtd() process, which leads to NULL pointer dereference.\n\nThe solution for the gluebi module is to run jffs2 on the UBI\nvolume without considering working with ftl or mtdblock [2].\nTherefore, this problem can be avoided by preventing gluebi from\ncreating the mtdblock device after creating mtd partition of the\ntype MTD_UBIVOLUME.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52449",
"url": "https://www.suse.com/security/cve/CVE-2023-52449"
},
{
"category": "external",
"summary": "SUSE Bug 1220238 for CVE-2023-52449",
"url": "https://bugzilla.suse.com/1220238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-52449"
},
{
"cve": "CVE-2023-52475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52475"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: powermate - fix use-after-free in powermate_config_complete\n\nsyzbot has found a use-after-free bug [1] in the powermate driver. This\nhappens when the device is disconnected, which leads to a memory free from\nthe powermate_device struct. When an asynchronous control message\ncompletes after the kfree and its callback is invoked, the lock does not\nexist anymore and hence the bug.\n\nUse usb_kill_urb() on pm-\u003econfig to cancel any in-progress requests upon\ndevice disconnection.\n\n[1] https://syzkaller.appspot.com/bug?extid=0434ac83f907a1dbdd1e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52475",
"url": "https://www.suse.com/security/cve/CVE-2023-52475"
},
{
"category": "external",
"summary": "SUSE Bug 1220649 for CVE-2023-52475",
"url": "https://bugzilla.suse.com/1220649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-52475"
},
{
"cve": "CVE-2023-52590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change ocfs2 rename code to avoid touching renamed directory if\nits parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52590",
"url": "https://www.suse.com/security/cve/CVE-2023-52590"
},
{
"category": "external",
"summary": "SUSE Bug 1221088 for CVE-2023-52590",
"url": "https://bugzilla.suse.com/1221088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-52590"
},
{
"cve": "CVE-2023-52591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52591",
"url": "https://www.suse.com/security/cve/CVE-2023-52591"
},
{
"category": "external",
"summary": "SUSE Bug 1221044 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "important"
}
],
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-6270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6270"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6270",
"url": "https://www.suse.com/security/cve/CVE-2023-6270"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1218813 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218813"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-6270"
},
{
"cve": "CVE-2024-23851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23851"
}
],
"notes": [
{
"category": "general",
"text": "copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel-\u003edata_size check. This is related to ctl_ioctl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23851",
"url": "https://www.suse.com/security/cve/CVE-2024-23851"
},
{
"category": "external",
"summary": "SUSE Bug 1219146 for CVE-2024-23851",
"url": "https://bugzilla.suse.com/1219146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-23851"
},
{
"cve": "CVE-2024-26733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: Prevent overflow in arp_req_get().\n\nsyzkaller reported an overflown write in arp_req_get(). [0]\n\nWhen ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour\nentry and copies neigh-\u003eha to struct arpreq.arp_ha.sa_data.\n\nThe arp_ha here is struct sockaddr, not struct sockaddr_storage, so\nthe sa_data buffer is just 14 bytes.\n\nIn the splat below, 2 bytes are overflown to the next int field,\narp_flags. We initialise the field just after the memcpy(), so it\u0027s\nnot a problem.\n\nHowever, when dev-\u003eaddr_len is greater than 22 (e.g. MAX_ADDR_LEN),\narp_netmask is overwritten, which could be set as htonl(0xFFFFFFFFUL)\nin arp_ioctl() before calling arp_req_get().\n\nTo avoid the overflow, let\u0027s limit the max length of memcpy().\n\nNote that commit b5f0de6df6dc (\"net: dev: Convert sa_data to flexible\narray in struct sockaddr\") just silenced syzkaller.\n\n[0]:\nmemcpy: detected field-spanning write (size 16) of single field \"r-\u003earp_ha.sa_data\" at net/ipv4/arp.c:1128 (size 14)\nWARNING: CPU: 0 PID: 144638 at net/ipv4/arp.c:1128 arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nModules linked in:\nCPU: 0 PID: 144638 Comm: syz-executor.4 Not tainted 6.1.74 #31\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014\nRIP: 0010:arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nCode: fd ff ff e8 41 42 de fb b9 0e 00 00 00 4c 89 fe 48 c7 c2 20 6d ab 87 48 c7 c7 80 6d ab 87 c6 05 25 af 72 04 01 e8 5f 8d ad fb \u003c0f\u003e 0b e9 6c fd ff ff e8 13 42 de fb be 03 00 00 00 4c 89 e7 e8 a6\nRSP: 0018:ffffc900050b7998 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff88803a815000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff8641a44a RDI: 0000000000000001\nRBP: ffffc900050b7a98 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 203a7970636d656d R12: ffff888039c54000\nR13: 1ffff92000a16f37 R14: ffff88803a815084 R15: 0000000000000010\nFS: 00007f172bf306c0(0000) GS:ffff88805aa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f172b3569f0 CR3: 0000000057f12005 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n arp_ioctl+0x33f/0x4b0 net/ipv4/arp.c:1261\n inet_ioctl+0x314/0x3a0 net/ipv4/af_inet.c:981\n sock_do_ioctl+0xdf/0x260 net/socket.c:1204\n sock_ioctl+0x3ef/0x650 net/socket.c:1321\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18e/0x220 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x64/0xce\nRIP: 0033:0x7f172b262b8d\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f172bf300b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f172b3abf80 RCX: 00007f172b262b8d\nRDX: 0000000020000000 RSI: 0000000000008954 RDI: 0000000000000003\nRBP: 00007f172b2d3493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007f172b3abf80 R15: 00007f172bf10000\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26733",
"url": "https://www.suse.com/security/cve/CVE-2024-26733"
},
{
"category": "external",
"summary": "SUSE Bug 1222585 for CVE-2024-26733",
"url": "https://bugzilla.suse.com/1222585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-26733"
},
{
"cve": "CVE-2024-26898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\n\nThis patch is against CVE-2023-6270. The description of cve is:\n\n A flaw was found in the ATA over Ethernet (AoE) driver in the Linux\n kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on\n `struct net_device`, and a use-after-free can be triggered by racing\n between the free on the struct and the access through the `skbtxq`\n global queue. This could lead to a denial of service condition or\n potential code execution.\n\nIn aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial\ncode is finished. But the net_device ifp will still be used in\nlater tx()-\u003edev_queue_xmit() in kthread. Which means that the\ndev_put(ifp) should NOT be called in the success path of skb\ninitial code in aoecmd_cfg_pkts(). Otherwise tx() may run into\nuse-after-free because the net_device is freed.\n\nThis patch removed the dev_put(ifp) in the success path in\naoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26898",
"url": "https://www.suse.com/security/cve/CVE-2024-26898"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1223017 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "important"
}
],
"title": "CVE-2024-26898"
},
{
"cve": "CVE-2024-27043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev\u0027s deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n |-\u003e dvb_dmxdev_init\n |-\u003e dvb_register_device\n |-\u003e dvb_dmxdev_release\n |-\u003e dvb_unregister_device\n |-\u003e dvb_remove_device\n |-\u003e dvb_device_put\n |-\u003e kref_put\n\nWhen calling dvb_unregister_device, dmxdev-\u003edvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27043",
"url": "https://www.suse.com/security/cve/CVE-2024-27043"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223824 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "external",
"summary": "SUSE Bug 1223825 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.153.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.153.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-16T08:50:07Z",
"details": "important"
}
],
"title": "CVE-2024-27043"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…