1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2023:0152-1

[SUSE-SU-2023:0152-1] Security update for the Linux Kernel

Severity Important
Affected Packages 47
CVEs 19
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2023-0266: Fixed a use-after-free bug led by a missing lock in ALSA. (bsc#1207134)
  • CVE-2022-47929: Fixed a NULL pointer dereference bug in the traffic control subsystem which allowed an unprivileged user to trigger a denial of service via a crafted traffic control configuration. (bsc#1207237)
  • CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036)
  • CVE-2023-23455: Fixed a bug that could allow attackers to cause a denial of service because of type confusion in atm_tc_enqueue. (bsc#1207125)
  • CVE-2022-3435: Fixed an out-of-bounds read in fib_nh_match() of the file net/ipv4/fib_semantics.c (bsc#1204171).
  • CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664)
  • CVE-2022-3115: Fixed a null pointer dereference in malidp_crtc.c caused by a lack of checks of the return value of kzalloc. (bsc#1206393)
  • CVE-2022-47520: Fixed an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. (bsc#1206515)
  • CVE-2022-3112: Fixed a null pointer dereference caused by lacks check of the return value of kzalloc() in vdec_helpers.c:amvdec_set_canvases. (bsc#1206399)
  • CVE-2022-3564: Fixed a bug which could lead to use after free, it was found in the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. (bsc#1206073)
  • CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389)
  • CVE-2019-19083: Fixed a memory leaks in clock_source_create that could allow attackers to cause a denial of service (bsc#1157049).
  • CVE-2022-42328: Fixed a bug which could allow guests to trigger denial of service via the netback driver (bsc#1206114).
  • CVE-2022-42329: Fixed a bug which could allow guests to trigger denial of service via the netback driver (bsc#1206113).
  • CVE-2022-3643: Fixed a bug which could allow guests to trigger NIC interface reset/abort/crash via netback driver (bsc#1206113).
  • CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395)
  • CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394)
  • CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398)
  • CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397)

The following non-security bugs were fixed:

  • afs: Fix some tracing details (git-fixes).
  • arm64: cpu_errata: Add Hisilicon TSV110 to spectre-v2 safe list (git-fixes)
  • arm64: dts: allwinner: H5: Add PMU node (git-fixes)
  • arm64: dts: allwinner: H6: Add PMU mode (git-fixes)
  • arm64: dts: marvell: Add AP806-dual missing CPU clocks (git-fixes)
  • arm64: dts: rockchip: add reg property to brcmf sub-nodes (git-fixes)
  • arm64: dts: rockchip: fix dwmmc clock name for px30 (git-fixes)
  • arm64: dts: rockchip: Fix NanoPC-T4 cooling maps (git-fixes)
  • arm64: memory: Add missing brackets to untagged_addr() macro (git-fixes)
  • arm64: psci: Reduce the waiting time for cpu_psci_cpu_kill() (git-fixes).
  • arm64: tags: Preserve tags for addresses translated via TTBR1 (git-fixes)
  • arm64: tegra: Fix 'active-low' warning for Jetson Xavier regulator (git-fixes)
  • block: Do not reread partition table on exclusively open device (bsc#1190969).
  • ceph: avoid putting the realm twice when decoding snaps fails (bsc#1207198).
  • ceph: do not update snapshot context when there is no new snapshot (bsc#1207218).
  • cuse: prevent clone (bsc#1206177).
  • drbd: destroy workqueue when drbd device was freed (git-fixes).
  • drbd: remove usage of list iterator variable after loop (git-fixes).
  • drbd: use after free in drbd_create_device() (git-fixes).
  • dt-bindings: clocks: imx8mp: Add ID for usb suspend clock (git-fixes).
  • efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes).
  • ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
  • ext4: avoid BUG_ON when creating xattrs (bsc#1205496).
  • ext4: avoid crash when inline data creation follows DIO write (bsc#1206883).
  • ext4: avoid race conditions when remounting with options that change dax (bsc#1206860).
  • ext4: avoid resizing to a partial cluster size (bsc#1206880).
  • ext4: choose hardlimit when softlimit is larger than hardlimit in ext4_statfs_project() (bsc#1206854).
  • ext4: continue to expand file system when the target size does not reach (bsc#1206882).
  • ext4: convert BUG_ON's to WARN_ON's in mballoc.c (bsc#1206859).
  • ext4: correct max_inline_xattr_value_size computing (bsc#1206878).
  • ext4: correct the error path of ext4_write_inline_data_end() (bsc#1206875).
  • ext4: correct the misjudgment in ext4_iget_extra_inode (bsc#1206878).
  • ext4: Detect already used quota file early (bsc#1206873).
  • ext4: fix a data race at inode->i_disksize (bsc#1206855).
  • ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 (bsc#1206881).
  • ext4: fix BUG_ON() when directory entry has invalid rec_len (bsc#1206886).
  • ext4: fix corruption when online resizing a 1K bigalloc fs (bsc#1206891).
  • ext4: fix extent status tree race in writeback error recovery path (bsc#1206877).
  • ext4: fix null-ptr-deref in ext4_write_info (bsc#1206884).
  • ext4: fix undefined behavior in bit shift for ext4_check_flag_values (bsc#1206890).
  • ext4: fix uninititialized value in 'ext4_evict_inode' (bsc#1206893).
  • ext4: fix use-after-free in ext4_ext_shift_extents (bsc#1206888).
  • ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878).
  • ext4: fix warning in 'ext4_da_release_space' (bsc#1206887).
  • ext4: Fixup pages without buffers (bsc#1205495).
  • ext4: iomap that extends beyond EOF should be marked dirty (bsc#1206637).
  • ext4: make ext4_lazyinit_thread freezable (bsc#1206885).
  • ext4: mark block bitmap corrupted when found instead of BUGON (bsc#1206857).
  • ext4: silence the warning when evicting inode with dioread_nolock (bsc#1206889).
  • ext4: update s_overhead_clusters in the superblock during an on-line resize (bsc#1206876).
  • ext4: use matching invalidatepage in ext4_writepage (bsc#1206858).
  • fs: nfsd: fix kconfig dependency warning for NFSD_V4 (git-fixes).
  • fuse: do not check refcount after stealing page (bsc#1206174).
  • fuse: fix the ->direct_IO() treatment of iov_iter (bsc#1206176).
  • fuse: fix use after free in fuse_read_interrupt() (bsc#1206178).
  • fuse: lock inode unconditionally in fuse_fallocate() (bsc#1206179).
  • fuse: update attr_version counter on fuse_notify_inval_inode() (bsc#1206175).
  • HID: betop: check shape of output reports (git-fixes, bsc#1207186).
  • HID: check empty report_list in bigben_probe() (git-fixes, bsc#1206784).
  • HID: check empty report_list in hid_validate_values() (git-fixes, bsc#1206784).
  • ibmveth: Always stop tx queues during close (bsc#1065729).
  • ipv6: ping: fix wrong checksum for large frames (bsc#1203183).
  • isofs: joliet: Fix iocharset=utf8 mount option (bsc#1206636).
  • kbuild: Unify options for BTF generation for vmlinux and modules (bsc#1204693).
  • lib/notifier-error-inject: fix error when writing -errno to debugfs file (bsc#1206634).
  • libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value (bsc#1206634).
  • lockd: lockd server-side shouldn't set fl_ops (git-fixes).
  • memcg, kmem: further deprecate kmem.limit_in_bytes (bsc#1206896).
  • memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344).
  • mm, page_alloc: avoid expensive reclaim when compaction may not succeed (bsc#1204250).
  • mm: fix race between MADV_FREE reclaim and blkdev direct IO read (bsc#1204989,bsc#1205601).
  • mm/filemap.c: clear page error before actual read (bsc#1206635).
  • mm/memcg: optimize memory.numa_stat like memory.stat (bsc#1206663).
  • module: avoid *goto*s in module_sig_check() (git-fixes).
  • module: lockdep: Suppress suspicious RCU usage warning (git-fixes).
  • module: merge repetitive strings in module_sig_check() (git-fixes).
  • module: Remove accidental change of module_enable_x() (git-fixes).
  • module: set MODULE_STATE_GOING state when a module fails to load (git-fixes).
  • net: mana: Fix race on per-CQ variable napi work_done (git-fixes).
  • net: sched: atm: dont intepret cls results when asked to drop (bsc#1207036).
  • net: sched: cbq: dont intepret cls results when asked to drop (bsc#1207036).
  • net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' (git-fixes).
  • net: usb: cdc_ncm: do not spew notifications (git-fixes).
  • net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).
  • netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() (bsc#1204614).
  • NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails (git-fixes).
  • NFS: Fix an Oops in nfs_d_automount() (git-fixes).
  • NFS: Fix memory leaks (git-fixes).
  • NFS: Fix memory leaks in nfs_pageio_stop_mirroring() (git-fixes).
  • NFS: fix PNFS_FLEXFILE_LAYOUT Kconfig default (git-fixes).
  • NFS: Handle missing attributes in OPEN reply (bsc#1203740).
  • NFS: nfs_find_open_context() may only select open files (git-fixes).
  • NFS: nfs_xdr_status should record the procedure name (git-fixes).
  • NFS: nfs4clinet: check the return value of kstrdup() (git-fixes).
  • NFS: we do not support removing system.nfs4_acl (git-fixes).
  • NFS: Zero-stateid SETATTR should first return delegation (git-fixes).
  • NFS4: Fix kmemleak when allocate slot failed (git-fixes).
  • NFS4: Fix oops when copy_file_range is attempted with NFS4.0 source (git-fixes).
  • NFSD: Clone should commit src file metadata too (git-fixes).
  • NFSD: do not call nfsd_file_put from client states seqfile display (git-fixes).
  • NFSD: fix error handling in NFSv4.0 callbacks (git-fixes).
  • NFSD: Fix handling of oversized NFSv4 COMPOUND requests (git-fixes).
  • NFSD: Fix svc_xprt refcnt leak when setup callback client failed (git-fixes).
  • NFSD: Keep existing listeners on portlist error (git-fixes).
  • NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data (git-fixes).
  • NFSD: safer handling of corrupted c_type (git-fixes).
  • NFSv4 expose nfs_parse_server_name function (git-fixes).
  • NFSv4 only print the label when its queried (git-fixes).
  • NFSv4 remove zero number of fs_locations entries error check (git-fixes).
  • NFSv4: Do not hold the layoutget locks across multiple RPC calls (git-fixes).
  • NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn (git-fixes).
  • NFSv4: Fix a pNFS layout related use-after-free race when freeing the inode (git-fixes).
  • NFSv4: Fix races between open and dentry revalidation (git-fixes).
  • NFSv4: Protect the state recovery thread against direct reclaim (git-fixes).
  • NFSv4: Retry LOCK on OLD_STATEID during delegation return (git-fixes).
  • NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall (git-fixes).
  • NFSv4.1: Fix uninitialised variable in devicenotify (git-fixes).
  • NFSv4.1: Handle RECLAIM_COMPLETE trunking errors (git-fixes).
  • NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot (git-fixes).
  • NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding (git-fixes).
  • NFSv4.2: error out when relink swapfile (git-fixes).
  • NFSv4.2: Fix a memory stomp in decode_attr_security_label (git-fixes).
  • NFSv4.2: Fix initialisation of struct nfs4_label (git-fixes).
  • NFSv4.2: Fixup CLONE dest file size for zero-length count (git-fixes).
  • NFSv4.x: Fail client initialisation if state manager thread can't run (git-fixes).
  • NFSv4/pNFS: Always return layout stats on layout return for flexfiles (git-fixes).
  • NFSv4/pNFS: Fix a use-after-free bug in open (git-fixes).
  • NFSv4/pNFS: Try to return invalid layout in pnfs_layout_process() (git-fixes).
  • powerpc: Ensure that swiotlb buffer is allocated from low memory (bsc#1156395).
  • powerpc: Force inlining of cpu_has_feature() to avoid build failure (bsc#1065729).
  • powerpc: improve handling of unrecoverable system reset (bsc#1065729).
  • powerpc: sysdev: add missing iounmap() on error in mpic_msgr_probe() (bsc#1065729).
  • powerpc/64: Init jump labels before parse_early_param() (bsc#1065729).
  • powerpc/64s/pgtable: fix an undefined behaviour (bsc#1065729).
  • powerpc/book3s/mm: Update Oops message to print the correct translation in use (bsc#1156395).
  • powerpc/boot: Fixup device-tree on little endian (bsc#1065729).
  • powerpc/crashkernel: Take 'mem=' option into account (bsc#1065729).
  • powerpc/eeh: Only dump stack once if an MMIO loop is detected (bsc#1065729).
  • powerpc/pci: Fix get_phb_number() locking (bsc#1065729).
  • powerpc/perf: callchain validate kernel stack pointer bounds (bsc#1065729).
  • powerpc/powernv: add missing of_node_put (bsc#1065729).
  • powerpc/powernv: Avoid re-registration of imc debugfs directory (bsc#1156395).
  • powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number (bsc#1065729).
  • powerpc/powernv/smp: Fix spurious DBG() warning (bsc#1065729).
  • powerpc/pseries: Stop calling printk in rtas_stop_self() (bsc#1065729).
  • powerpc/pseries: unregister VPA when hot unplugging a CPU (bsc#1205695 ltc#200603).
  • powerpc/pseries/cmm: Implement release() function for sysfs device (bsc#1065729).
  • powerpc/pseries/eeh: use correct API for error log size (bsc#1065729).
  • powerpc/rtas: avoid device tree lookups in rtas_os_term() (bsc#1065729).
  • powerpc/rtas: avoid scheduling in rtas_os_term() (bsc#1065729).
  • powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV (bsc#1065729).
  • powerpc/xive: Add a check for memory allocation failure (git-fixes).
  • powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (git-fixes).
  • powerpc/xive/spapr: correct bitmap allocation size (git-fixes).
  • quota: Check next/prev free block number after reading from quota file (bsc#1206640).
  • rpc: fix gss_svc_init cleanup on failure (git-fixes).
  • rpc: fix NULL dereference on kmalloc failure (git-fixes).
  • rtc: pcf85063: Fix reading alarm (git-fixes).
  • s390/boot: add secure boot trailer (bsc#1205256 LTC#1205256).
  • sbitmap: fix lockup while swapping (bsc#1206602).
  • sched/psi: Fix sampling error and rare div0 crashes with cgroups and high uptime (bsc#1206841).
  • scsi: lpfc: Correct bandwidth logging during receipt of congestion sync WCQE (jsc#PED-1445).
  • scsi: lpfc: Fix crash involving race between FLOGI timeout and devloss handler (jsc#PED-1445).
  • scsi: lpfc: Fix MI capability display in cmf_info sysfs attribute (jsc#PED-1445).
  • scsi: lpfc: Fix WQ|CQ|EQ resource check (jsc#PED-1445).
  • scsi: lpfc: Remove linux/msi.h include (jsc#PED-1445).
  • scsi: lpfc: Remove redundant pointer 'lp' (jsc#PED-1445).
  • scsi: lpfc: Update lpfc version to 14.2.0.9 (jsc#PED-1445).
  • scsi: lpfc: Use memset_startat() helper (jsc#PED-1445).
  • scsi: qla2xxx: Fix crash when I/O abort times out (jsc#PED-568).
  • scsi: qla2xxx: Fix set-but-not-used variable warnings (jsc#PED-568).
  • scsi: qla2xxx: Initialize vha->unknown_atio_[list, work] for NPIV hosts (jsc#PED-568).
  • scsi: qla2xxx: Remove duplicate of vha->iocb_work initialization (jsc#PED-568).
  • scsi: qla2xxx: Remove unused variable 'found_devs' (jsc#PED-568).
  • sctp: sysctl: make extra pointers netns aware (bsc#1204760).
  • string.h: Introduce memset_startat() for wiping trailing members and padding (jsc#PED-1445).
  • SUNRPC: check that domain table is empty at module unload (git-fixes).
  • SUNRPC: Do not leak netobj memory when gss_read_proxy_verf() fails (git-fixes).
  • SUNRPC: Do not start a timer on an already queued rpc task (git-fixes).
  • SUNRPC: Fix missing release socket in rpc_sockname() (git-fixes).
  • SUNRPC: Fix potential leaks in sunrpc_cache_unhash() (git-fixes).
  • SUNRPC: Fix socket waits for write buffer space (git-fixes).
  • SUNRPC: Handle 0 length opaque XDR object data properly (git-fixes).
  • SUNRPC: Mitigate cond_resched() in xprt_transmit() (git-fixes).
  • SUNRPC: Move simple_get_bytes and simple_get_netobj into private header (git-fixes).
  • SUNRPC: stop printk reading past end of string (git-fixes).
  • svcrdma: Fix another Receive buffer leak (git-fixes).
  • svcrdma: Fix backchannel return code (git-fixes).
  • tracing: Add tracing_reset_all_online_cpus_unlocked() function (git-fixes).
  • tracing: Free buffers when a used dynamic event is removed (git-fixes).
  • tracing: Verify if trace array exists before destroying it (git-fixes).
  • tracing/dynevent: Delete all matched events (git-fixes).
  • udf_get_extendedattr() had no boundary checks (bsc#1206648).
  • udf: Avoid accessing uninitialized data on failed inode read (bsc#1206642).
  • udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).
  • udf: Fix free space reporting for metadata and virtual partitions (bsc#1206641).
  • udf: Fix iocharset=utf8 mount option (bsc#1206647).
  • udf: Fix NULL pointer dereference in udf_symlink function (bsc#1206646).
  • udf: fix silent AED tagLocation corruption (bsc#1206645).
  • udf: fix the problem that the disc content is not displayed (bsc#1206644).
  • udf: Limit sparing table size (bsc#1206643).
  • usb: host: xhci-hub: fix extra endianness conversion (git-fixes).
  • usbnet: move new members to end (git-fixes).
  • xprtrdma: Fix regbuf data not freed in rpcrdma_req_create() (git-fixes).
  • xprtrdma: treat all calls not a bcall when bc_serv is NULL (git-fixes).
Package Affected Version
pkg:rpm/suse/reiserfs-kmp-default?arch=x86_64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/reiserfs-kmp-default?arch=s390x&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/reiserfs-kmp-default?arch=ppc64le&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/reiserfs-kmp-default?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-zfcpdump?arch=s390x&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-preempt?arch=x86_64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-preempt?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-preempt-devel?arch=x86_64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-preempt-devel?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-obs-build?arch=x86_64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-obs-build?arch=s390x&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-obs-build?arch=ppc64le&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-obs-build?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-docs?arch=noarch&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=slem-5 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=opensuse-leap-micro-5.2 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=slem-5 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=slem-5 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=opensuse-leap-micro-5.2 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1.150300.18.62.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=slem-5 < 5.3.18-150300.59.109.1.150300.18.62.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=opensuse-leap-micro-5.2 < 5.3.18-150300.59.109.1.150300.18.62.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1.150300.18.62.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=slem-5 < 5.3.18-150300.59.109.1.150300.18.62.1
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1.150300.18.62.1
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1.150300.18.62.1
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=slem-5 < 5.3.18-150300.59.109.1.150300.18.62.1
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=opensuse-leap-micro-5.2 < 5.3.18-150300.59.109.1.150300.18.62.1
pkg:rpm/suse/kernel-64kb?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/kernel-64kb-devel?arch=aarch64&distro=sles-15&sp=3 < 5.3.18-150300.59.109.1
pkg:rpm/suse/dtb-zte?arch=aarch64&distro=opensuse-leap-15.4 < 5.3.18-150300.59.109.1
pkg:rpm/suse/dtb-al?arch=aarch64&distro=opensuse-leap-15.4 < 5.3.18-150300.59.109.1
ID
SUSE-SU-2023:0152-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2023/suse-su-20230152-1/
Published
2023-01-26T10:37:32
(19 months ago)
Modified
2023-01-26T10:37:32
(19 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0152-1.json
Suse URL for SUSE-SU-2023:0152-1 https://www.suse.com/support/update/announcement/2023/suse-su-20230152-1/
Suse E-Mail link for SUSE-SU-2023:0152-1 https://lists.suse.com/pipermail/sle-security-updates/2023-January/013530.html
Bugzilla SUSE Bug 1065729 https://bugzilla.suse.com/1065729
Bugzilla SUSE Bug 1151927 https://bugzilla.suse.com/1151927
Bugzilla SUSE Bug 1156395 https://bugzilla.suse.com/1156395
Bugzilla SUSE Bug 1157049 https://bugzilla.suse.com/1157049
Bugzilla SUSE Bug 1190969 https://bugzilla.suse.com/1190969
Bugzilla SUSE Bug 1203183 https://bugzilla.suse.com/1203183
Bugzilla SUSE Bug 1203693 https://bugzilla.suse.com/1203693
Bugzilla SUSE Bug 1203740 https://bugzilla.suse.com/1203740
Bugzilla SUSE Bug 1204171 https://bugzilla.suse.com/1204171
Bugzilla SUSE Bug 1204250 https://bugzilla.suse.com/1204250
Bugzilla SUSE Bug 1204614 https://bugzilla.suse.com/1204614
Bugzilla SUSE Bug 1204693 https://bugzilla.suse.com/1204693
Bugzilla SUSE Bug 1204760 https://bugzilla.suse.com/1204760
Bugzilla SUSE Bug 1204989 https://bugzilla.suse.com/1204989
Bugzilla SUSE Bug 1205149 https://bugzilla.suse.com/1205149
Bugzilla SUSE Bug 1205256 https://bugzilla.suse.com/1205256
Bugzilla SUSE Bug 1205495 https://bugzilla.suse.com/1205495
Bugzilla SUSE Bug 1205496 https://bugzilla.suse.com/1205496
Bugzilla SUSE Bug 1205601 https://bugzilla.suse.com/1205601
Bugzilla SUSE Bug 1205695 https://bugzilla.suse.com/1205695
Bugzilla SUSE Bug 1206073 https://bugzilla.suse.com/1206073
Bugzilla SUSE Bug 1206113 https://bugzilla.suse.com/1206113
Bugzilla SUSE Bug 1206114 https://bugzilla.suse.com/1206114
Bugzilla SUSE Bug 1206174 https://bugzilla.suse.com/1206174
Bugzilla SUSE Bug 1206175 https://bugzilla.suse.com/1206175
Bugzilla SUSE Bug 1206176 https://bugzilla.suse.com/1206176
Bugzilla SUSE Bug 1206177 https://bugzilla.suse.com/1206177
Bugzilla SUSE Bug 1206178 https://bugzilla.suse.com/1206178
Bugzilla SUSE Bug 1206179 https://bugzilla.suse.com/1206179
Bugzilla SUSE Bug 1206344 https://bugzilla.suse.com/1206344
Bugzilla SUSE Bug 1206389 https://bugzilla.suse.com/1206389
Bugzilla SUSE Bug 1206393 https://bugzilla.suse.com/1206393
Bugzilla SUSE Bug 1206394 https://bugzilla.suse.com/1206394
Bugzilla SUSE Bug 1206395 https://bugzilla.suse.com/1206395
Bugzilla SUSE Bug 1206397 https://bugzilla.suse.com/1206397
Bugzilla SUSE Bug 1206398 https://bugzilla.suse.com/1206398
Bugzilla SUSE Bug 1206399 https://bugzilla.suse.com/1206399
Bugzilla SUSE Bug 1206515 https://bugzilla.suse.com/1206515
Bugzilla SUSE Bug 1206602 https://bugzilla.suse.com/1206602
Bugzilla SUSE Bug 1206634 https://bugzilla.suse.com/1206634
Bugzilla SUSE Bug 1206635 https://bugzilla.suse.com/1206635
Bugzilla SUSE Bug 1206636 https://bugzilla.suse.com/1206636
Bugzilla SUSE Bug 1206637 https://bugzilla.suse.com/1206637
Bugzilla SUSE Bug 1206640 https://bugzilla.suse.com/1206640
Bugzilla SUSE Bug 1206641 https://bugzilla.suse.com/1206641
Bugzilla SUSE Bug 1206642 https://bugzilla.suse.com/1206642
Bugzilla SUSE Bug 1206643 https://bugzilla.suse.com/1206643
Bugzilla SUSE Bug 1206644 https://bugzilla.suse.com/1206644
Bugzilla SUSE Bug 1206645 https://bugzilla.suse.com/1206645
Bugzilla SUSE Bug 1206646 https://bugzilla.suse.com/1206646
Bugzilla SUSE Bug 1206647 https://bugzilla.suse.com/1206647
Bugzilla SUSE Bug 1206648 https://bugzilla.suse.com/1206648
Bugzilla SUSE Bug 1206649 https://bugzilla.suse.com/1206649
Bugzilla SUSE Bug 1206663 https://bugzilla.suse.com/1206663
Bugzilla SUSE Bug 1206664 https://bugzilla.suse.com/1206664
Bugzilla SUSE Bug 1206784 https://bugzilla.suse.com/1206784
Bugzilla SUSE Bug 1206841 https://bugzilla.suse.com/1206841
Bugzilla SUSE Bug 1206854 https://bugzilla.suse.com/1206854
Bugzilla SUSE Bug 1206855 https://bugzilla.suse.com/1206855
Bugzilla SUSE Bug 1206857 https://bugzilla.suse.com/1206857
Bugzilla SUSE Bug 1206858 https://bugzilla.suse.com/1206858
Bugzilla SUSE Bug 1206859 https://bugzilla.suse.com/1206859
Bugzilla SUSE Bug 1206860 https://bugzilla.suse.com/1206860
Bugzilla SUSE Bug 1206873 https://bugzilla.suse.com/1206873
Bugzilla SUSE Bug 1206875 https://bugzilla.suse.com/1206875
Bugzilla SUSE Bug 1206876 https://bugzilla.suse.com/1206876
Bugzilla SUSE Bug 1206877 https://bugzilla.suse.com/1206877
Bugzilla SUSE Bug 1206878 https://bugzilla.suse.com/1206878
Bugzilla SUSE Bug 1206880 https://bugzilla.suse.com/1206880
Bugzilla SUSE Bug 1206881 https://bugzilla.suse.com/1206881
Bugzilla SUSE Bug 1206882 https://bugzilla.suse.com/1206882
Bugzilla SUSE Bug 1206883 https://bugzilla.suse.com/1206883
Bugzilla SUSE Bug 1206884 https://bugzilla.suse.com/1206884
Bugzilla SUSE Bug 1206885 https://bugzilla.suse.com/1206885
Bugzilla SUSE Bug 1206886 https://bugzilla.suse.com/1206886
Bugzilla SUSE Bug 1206887 https://bugzilla.suse.com/1206887
Bugzilla SUSE Bug 1206888 https://bugzilla.suse.com/1206888
Bugzilla SUSE Bug 1206889 https://bugzilla.suse.com/1206889
Bugzilla SUSE Bug 1206890 https://bugzilla.suse.com/1206890
Bugzilla SUSE Bug 1206891 https://bugzilla.suse.com/1206891
Bugzilla SUSE Bug 1206893 https://bugzilla.suse.com/1206893
Bugzilla SUSE Bug 1206896 https://bugzilla.suse.com/1206896
Bugzilla SUSE Bug 1206904 https://bugzilla.suse.com/1206904
Bugzilla SUSE Bug 1207036 https://bugzilla.suse.com/1207036
Bugzilla SUSE Bug 1207125 https://bugzilla.suse.com/1207125
Bugzilla SUSE Bug 1207134 https://bugzilla.suse.com/1207134
Bugzilla SUSE Bug 1207186 https://bugzilla.suse.com/1207186
Bugzilla SUSE Bug 1207198 https://bugzilla.suse.com/1207198
Bugzilla SUSE Bug 1207218 https://bugzilla.suse.com/1207218
Bugzilla SUSE Bug 1207237 https://bugzilla.suse.com/1207237
CVE SUSE CVE CVE-2019-19083 page https://www.suse.com/security/cve/CVE-2019-19083/
CVE SUSE CVE CVE-2022-3105 page https://www.suse.com/security/cve/CVE-2022-3105/
CVE SUSE CVE CVE-2022-3106 page https://www.suse.com/security/cve/CVE-2022-3106/
CVE SUSE CVE CVE-2022-3107 page https://www.suse.com/security/cve/CVE-2022-3107/
CVE SUSE CVE CVE-2022-3108 page https://www.suse.com/security/cve/CVE-2022-3108/
CVE SUSE CVE CVE-2022-3111 page https://www.suse.com/security/cve/CVE-2022-3111/
CVE SUSE CVE CVE-2022-3112 page https://www.suse.com/security/cve/CVE-2022-3112/
CVE SUSE CVE CVE-2022-3115 page https://www.suse.com/security/cve/CVE-2022-3115/
CVE SUSE CVE CVE-2022-3435 page https://www.suse.com/security/cve/CVE-2022-3435/
CVE SUSE CVE CVE-2022-3564 page https://www.suse.com/security/cve/CVE-2022-3564/
CVE SUSE CVE CVE-2022-3643 page https://www.suse.com/security/cve/CVE-2022-3643/
CVE SUSE CVE CVE-2022-42328 page https://www.suse.com/security/cve/CVE-2022-42328/
CVE SUSE CVE CVE-2022-42329 page https://www.suse.com/security/cve/CVE-2022-42329/
CVE SUSE CVE CVE-2022-4662 page https://www.suse.com/security/cve/CVE-2022-4662/
CVE SUSE CVE CVE-2022-47520 page https://www.suse.com/security/cve/CVE-2022-47520/
CVE SUSE CVE CVE-2022-47929 page https://www.suse.com/security/cve/CVE-2022-47929/
CVE SUSE CVE CVE-2023-0266 page https://www.suse.com/security/cve/CVE-2023-0266/
CVE SUSE CVE CVE-2023-23454 page https://www.suse.com/security/cve/CVE-2023-23454/
CVE SUSE CVE CVE-2023-23455 page https://www.suse.com/security/cve/CVE-2023-23455/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/reiserfs-kmp-default?arch=x86_64&distro=sles-15&sp=3 suse reiserfs-kmp-default < 5.3.18-150300.59.109.1 sles-15 x86_64
Affected pkg:rpm/suse/reiserfs-kmp-default?arch=s390x&distro=sles-15&sp=3 suse reiserfs-kmp-default < 5.3.18-150300.59.109.1 sles-15 s390x
Affected pkg:rpm/suse/reiserfs-kmp-default?arch=ppc64le&distro=sles-15&sp=3 suse reiserfs-kmp-default < 5.3.18-150300.59.109.1 sles-15 ppc64le
Affected pkg:rpm/suse/reiserfs-kmp-default?arch=aarch64&distro=sles-15&sp=3 suse reiserfs-kmp-default < 5.3.18-150300.59.109.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-zfcpdump?arch=s390x&distro=sles-15&sp=3 suse kernel-zfcpdump < 5.3.18-150300.59.109.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-15&sp=3 suse kernel-syms < 5.3.18-150300.59.109.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-15&sp=3 suse kernel-syms < 5.3.18-150300.59.109.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-15&sp=3 suse kernel-syms < 5.3.18-150300.59.109.1 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-15&sp=3 suse kernel-syms < 5.3.18-150300.59.109.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-15&sp=3 suse kernel-source < 5.3.18-150300.59.109.1 sles-15 noarch
Affected pkg:rpm/suse/kernel-preempt?arch=x86_64&distro=sles-15&sp=3 suse kernel-preempt < 5.3.18-150300.59.109.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-preempt?arch=aarch64&distro=sles-15&sp=3 suse kernel-preempt < 5.3.18-150300.59.109.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-preempt-devel?arch=x86_64&distro=sles-15&sp=3 suse kernel-preempt-devel < 5.3.18-150300.59.109.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-preempt-devel?arch=aarch64&distro=sles-15&sp=3 suse kernel-preempt-devel < 5.3.18-150300.59.109.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-obs-build?arch=x86_64&distro=sles-15&sp=3 suse kernel-obs-build < 5.3.18-150300.59.109.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-obs-build?arch=s390x&distro=sles-15&sp=3 suse kernel-obs-build < 5.3.18-150300.59.109.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-obs-build?arch=ppc64le&distro=sles-15&sp=3 suse kernel-obs-build < 5.3.18-150300.59.109.1 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-obs-build?arch=aarch64&distro=sles-15&sp=3 suse kernel-obs-build < 5.3.18-150300.59.109.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-15&sp=3 suse kernel-macros < 5.3.18-150300.59.109.1 sles-15 noarch
Affected pkg:rpm/suse/kernel-docs?arch=noarch&distro=sles-15&sp=3 suse kernel-docs < 5.3.18-150300.59.109.1 sles-15 noarch
Affected pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-15&sp=3 suse kernel-devel < 5.3.18-150300.59.109.1 sles-15 noarch
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-15&sp=3 suse kernel-default < 5.3.18-150300.59.109.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=slem-5 suse kernel-default < 5.3.18-150300.59.109.1 slem-5 x86_64
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=opensuse-leap-micro-5.2 suse kernel-default < 5.3.18-150300.59.109.1 opensuse-leap-micro-5.2 x86_64
Affected pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-15&sp=3 suse kernel-default < 5.3.18-150300.59.109.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-default?arch=s390x&distro=slem-5 suse kernel-default < 5.3.18-150300.59.109.1 slem-5 s390x
Affected pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-15&sp=3 suse kernel-default < 5.3.18-150300.59.109.1 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-15&sp=3 suse kernel-default < 5.3.18-150300.59.109.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-default?arch=aarch64&distro=slem-5 suse kernel-default < 5.3.18-150300.59.109.1 slem-5 aarch64
Affected pkg:rpm/suse/kernel-default?arch=aarch64&distro=opensuse-leap-micro-5.2 suse kernel-default < 5.3.18-150300.59.109.1 opensuse-leap-micro-5.2 aarch64
Affected pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-15&sp=3 suse kernel-default-devel < 5.3.18-150300.59.109.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-15&sp=3 suse kernel-default-devel < 5.3.18-150300.59.109.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-15&sp=3 suse kernel-default-devel < 5.3.18-150300.59.109.1 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-15&sp=3 suse kernel-default-devel < 5.3.18-150300.59.109.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-15&sp=3 suse kernel-default-base < 5.3.18-150300.59.109.1.150300.18.62.1 sles-15 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=slem-5 suse kernel-default-base < 5.3.18-150300.59.109.1.150300.18.62.1 slem-5 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=opensuse-leap-micro-5.2 suse kernel-default-base < 5.3.18-150300.59.109.1.150300.18.62.1 opensuse-leap-micro-5.2 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-15&sp=3 suse kernel-default-base < 5.3.18-150300.59.109.1.150300.18.62.1 sles-15 s390x
Affected pkg:rpm/suse/kernel-default-base?arch=s390x&distro=slem-5 suse kernel-default-base < 5.3.18-150300.59.109.1.150300.18.62.1 slem-5 s390x
Affected pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-15&sp=3 suse kernel-default-base < 5.3.18-150300.59.109.1.150300.18.62.1 sles-15 ppc64le
Affected pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-15&sp=3 suse kernel-default-base < 5.3.18-150300.59.109.1.150300.18.62.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=slem-5 suse kernel-default-base < 5.3.18-150300.59.109.1.150300.18.62.1 slem-5 aarch64
Affected pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=opensuse-leap-micro-5.2 suse kernel-default-base < 5.3.18-150300.59.109.1.150300.18.62.1 opensuse-leap-micro-5.2 aarch64
Affected pkg:rpm/suse/kernel-64kb?arch=aarch64&distro=sles-15&sp=3 suse kernel-64kb < 5.3.18-150300.59.109.1 sles-15 aarch64
Affected pkg:rpm/suse/kernel-64kb-devel?arch=aarch64&distro=sles-15&sp=3 suse kernel-64kb-devel < 5.3.18-150300.59.109.1 sles-15 aarch64
Affected pkg:rpm/suse/dtb-zte?arch=aarch64&distro=opensuse-leap-15.4 suse dtb-zte < 5.3.18-150300.59.109.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/dtb-al?arch=aarch64&distro=opensuse-leap-15.4 suse dtb-al < 5.3.18-150300.59.109.1 opensuse-leap-15.4 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date