1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2023:0762-1

[SUSE-SU-2023:0762-1] Security update for the Linux Kernel

Severity Important
Affected Packages 6
CVEs 6
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).
  • CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)
  • CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm (bsc#1207845).
  • CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
  • CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
  • CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).

The following non-security bugs were fixed:

  • bonding: fix 802.3ad state sent to partner when unbinding slave (git-fixes).
  • do not sign the vanilla kernel (bsc#1209008).
  • icmp: do not fail on fragment reassembly time exceeded (git-fixes).
  • ipmi: fix initialization when workqueue allocation fails (git-fixes).
  • ipmi: msghandler: Make symbol 'remove_work_wq' static (git-fixes).
  • kabi fix for - SUNRPC: Fix priority queue fairness (git-fixes).
  • kabi fix for: NFS: Pass error information to the pgio error cleanup routine (git-fixes).
  • kabi/severities: add l2tp local symbols
  • kernel-module-subpackage: Fix expansion with -b parameter (bsc#1208179). When -b is specified the script is prefixed with KMP_NEEDS_MKINITRD=1 which sets the variable for a simple command. However, the script is no longer a simple command. Export the variable instead.
  • media: coda: Add check for dcoda_iram_alloc (git-fixes).
  • media: coda: Add check for kmalloc (git-fixes).
  • media: platform: ti: Add missing check for devm_regulator_get (git-fixes).
  • net: aquantia: fix RSS table and key sizes (git-fixes).
  • netfilter: ipvs: Fix inappropriate output of procfs (git-fixes).
  • netfilter: xt_connlimit: do not store address in the conn nodes (git-fixes).
  • nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request (git-fixes).
  • nfs: Pass error information to the pgio error cleanup routine (git-fixes).
  • nfsd: fix handling of XXXXXXX in v4root vs. mount upcall timeout (git-fixes).
  • nfsd: fix race to check ls_layouts (git-fixes).
  • nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure (git-fixes).
  • ocfs2: Fix data corruption after failed write (bsc#1208542).
  • pNFS/filelayout: Fix coalescing test for single DS (git-fixes).
  • powerpc/eeh: Fix use-after-release of EEH driver (bsc#1065729).
  • powerpc/fscr: Enable interrupts earlier before calling get_user() (bsc#1065729).
  • powerpc/powernv: Fix build error in opal-imc.c when NUMA=n (bsc#1065729).
  • powerpc/powernv: IMC fix out of bounds memory access at shutdown (bsc#1065729).
  • scsi: qla2xxx: Add option to disable FC2 Target support (bsc#1198438 bsc#1206103).
  • sunrpc: Fix priority queue fairness (git-fixes).
  • sunrpc: ensure the matching upcall is in-flight upon downcall (git-fixes).
  • vlan: Fix out of order vlan headers with reorder header off (git-fixes).
  • vlan: Fix vlan insertion for packets without ethernet header (git-fixes).
  • vxlan: Fix error path in __vxlan_dev_create() (git-fixes).
  • vxlan: changelink: Fix handling of default remotes (git-fixes).
  • xfrm: Copy policy family in clone_policy (git-fixes).
Package Affected Version
pkg:rpm/suse/kernel-syms-azure?arch=x86_64&distro=sles-12&sp=5 < 4.12.14-16.127.1
pkg:rpm/suse/kernel-source-azure?arch=noarch&distro=sles-12&sp=5 < 4.12.14-16.127.1
pkg:rpm/suse/kernel-devel-azure?arch=noarch&distro=sles-12&sp=5 < 4.12.14-16.127.1
pkg:rpm/suse/kernel-azure?arch=x86_64&distro=sles-12&sp=5 < 4.12.14-16.127.1
pkg:rpm/suse/kernel-azure-devel?arch=x86_64&distro=sles-12&sp=5 < 4.12.14-16.127.1
pkg:rpm/suse/kernel-azure-base?arch=x86_64&distro=sles-12&sp=5 < 4.12.14-16.127.1
ID
SUSE-SU-2023:0762-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2023/suse-su-20230762-1/
Published
2023-03-16T10:36:06
(18 months ago)
Modified
2023-03-16T10:36:06
(18 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0762-1.json
Suse URL for SUSE-SU-2023:0762-1 https://www.suse.com/support/update/announcement/2023/suse-su-20230762-1/
Suse E-Mail link for SUSE-SU-2023:0762-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/014066.html
Bugzilla SUSE Bug 1065729 https://bugzilla.suse.com/1065729
Bugzilla SUSE Bug 1198438 https://bugzilla.suse.com/1198438
Bugzilla SUSE Bug 1203331 https://bugzilla.suse.com/1203331
Bugzilla SUSE Bug 1205711 https://bugzilla.suse.com/1205711
Bugzilla SUSE Bug 1206103 https://bugzilla.suse.com/1206103
Bugzilla SUSE Bug 1207051 https://bugzilla.suse.com/1207051
Bugzilla SUSE Bug 1207845 https://bugzilla.suse.com/1207845
Bugzilla SUSE Bug 1208179 https://bugzilla.suse.com/1208179
Bugzilla SUSE Bug 1208542 https://bugzilla.suse.com/1208542
Bugzilla SUSE Bug 1208700 https://bugzilla.suse.com/1208700
Bugzilla SUSE Bug 1208837 https://bugzilla.suse.com/1208837
Bugzilla SUSE Bug 1209008 https://bugzilla.suse.com/1209008
Bugzilla SUSE Bug 1209188 https://bugzilla.suse.com/1209188
CVE SUSE CVE CVE-2022-38096 page https://www.suse.com/security/cve/CVE-2022-38096/
CVE SUSE CVE CVE-2022-4129 page https://www.suse.com/security/cve/CVE-2022-4129/
CVE SUSE CVE CVE-2023-0597 page https://www.suse.com/security/cve/CVE-2023-0597/
CVE SUSE CVE CVE-2023-1118 page https://www.suse.com/security/cve/CVE-2023-1118/
CVE SUSE CVE CVE-2023-23559 page https://www.suse.com/security/cve/CVE-2023-23559/
CVE SUSE CVE CVE-2023-26545 page https://www.suse.com/security/cve/CVE-2023-26545/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kernel-syms-azure?arch=x86_64&distro=sles-12&sp=5 suse kernel-syms-azure < 4.12.14-16.127.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-source-azure?arch=noarch&distro=sles-12&sp=5 suse kernel-source-azure < 4.12.14-16.127.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-devel-azure?arch=noarch&distro=sles-12&sp=5 suse kernel-devel-azure < 4.12.14-16.127.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-azure?arch=x86_64&distro=sles-12&sp=5 suse kernel-azure < 4.12.14-16.127.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-azure-devel?arch=x86_64&distro=sles-12&sp=5 suse kernel-azure-devel < 4.12.14-16.127.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-azure-base?arch=x86_64&distro=sles-12&sp=5 suse kernel-azure-base < 4.12.14-16.127.1 sles-12 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date