1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2023:1802-1

[SUSE-SU-2023:1802-1] Security update for the Linux Kernel

Severity Important
Affected Packages 26
CVEs 11
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2017-5753: Fixed spectre V1 vulnerability on netlink (bsc#1209547).
  • CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
  • CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635).
  • CVE-2023-0394: Fixed NULL pointer dereference that could lead to a system crash in rawv6_push_pending_frames in net/ipv6/raw.c (bsc#1207168).
  • CVE-2023-1281: Fixed use after free that could lead to privilege escalation in tcindex (bsc#1209634).
  • CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
  • CVE-2023-1582: Fixed soft lockup in __page_mapcount (bsc#1209636).
  • CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to CPU memory after resuming CPU from suspend-to-RAM (bsc#1209779).
  • CVE-2023-1652: Fixed use-after-free that could lead to DoS and information leak in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (bsc#1209788).
  • CVE-2023-28327: Fixed DoS in in_skb in unix_diag_get_exact() (bsc#1209290).
  • CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c (bsc#1209052).
  • CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c (bsc#1209366).

The following non-security bugs were fixed:

  • ACPI: x86: utils: Add Cezanne to the list for forcing StorageD3Enable (git-fixes).
  • ALSA: hda/conexant: Partial revert of a quirk for Lenovo (git-fixes).
  • ALSA: hda/realtek: Add quirk for Lenovo ZhaoYang CF4620Z (git-fixes).
  • ALSA: hda/realtek: Add quirks for some Clevo laptops (git-fixes).
  • ALSA: hda/realtek: Fix support for Dell Precision 3260 (git-fixes).
  • ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro (git-fixes).
  • ALSA: hda: intel-dsp-config: add MTL PCI id (git-fixes).
  • ALSA: usb-audio: Fix recursive locking at XRUN during syncing (git-fixes).
  • ALSA: usb-audio: Fix regression on detection of Roland VS-100 (git-fixes).
  • ALSA: ymfpci: Fix BUG_ON in probe function (git-fixes).
  • ARM: dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl (git-fixes).
  • ARM: dts: imx6sll: e60k02: fix usbotg1 pinctrl (git-fixes).
  • Bluetooth: L2CAP: Fix responding with wrong PDU type (git-fixes).
  • Bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).
  • Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (git-fixes).
  • Fix error path in pci-hyperv to unlock the mutex state_lock
  • HID: cp2112: Fix driver not registering GPIO IRQ chip as threaded (git-fixes).
  • HID: intel-ish-hid: ipc: Fix potential use-after-free in work function (git-fixes).
  • Input: alps - fix compatibility with -funsigned-char (bsc#1209805).
  • KVM: x86: fix sending PV IPI (git-fixes).
  • Makefile: link with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
  • NFSv4: Fix hangs when recovering open state after a server reboot (git-fixes).
  • PCI/DPC: Await readiness of secondary bus after reset (git-fixes).
  • PCI: hv: Add a per-bus mutex state_lock (bsc#1207185).
  • PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic (bsc#1207185).
  • PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev (bsc#1207185).
  • PCI: hv: Use async probing to reduce boot time (bsc#1207185).
  • PCI: hv: fix a race condition bug in hv_pci_query_relations() (bsc#1207185).
  • Revert 'Makefile: link with -z noexecstack --no-warn-rwx-segments' (bsc#1209798)
  • Revert 'PCI: hv: Fix a timing issue which causes kdump to fail occasionally' (bsc#1207185).
  • Revert 'Revert 'Makefile: link with -z noexecstack --no-warn-rwx-segments' (bsc#1209798)'
  • Revert 'Revert 'x86: link vdso and boot with -z noexecstack' (bsc#1209798)
  • Revert 'x86: link vdso and boot with -z noexecstack' (bsc#1209798)
  • USB: cdns3: Fix issue with using incorrect PCI device function (git-fixes).
  • USB: cdnsp: Fixes issue with redundant Status Stage (git-fixes).
  • USB: cdnsp: changes PCI Device ID to fix conflict with CNDS3 driver (git-fixes).
  • USB: chipdea: core: fix return -EINVAL if request role is the same with current role (git-fixes).
  • USB: chipidea: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: dwc2: fix a devres leak in hw_enable upon suspend resume (git-fixes).
  • USB: dwc3: Fix a typo in field name (git-fixes).
  • USB: dwc3: gadget: Add 1ms delay after end transfer command without IOC (git-fixes).
  • USB: fotg210: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: gadget: gr_udc: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: gadget: u_audio: do not let userspace block driver unbind (git-fixes).
  • USB: isp116x: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: isp1362: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: sl811: fix memory leak with using debugfs_lookup() (git-fixes).
  • USB: typec: tcpm: fix warning when handle discover_identity message (git-fixes).
  • USB: ucsi: Fix NULL pointer deref in ucsi_connector_change() (git-fixes).
  • USB: uhci: fix memory leak with using debugfs_lookup() (git-fixes).
  • arch: fix broken BuildID for arm64 and riscv (bsc#1209798).
  • arm64/cpufeature: Fix field sign for DIT hwcap detection (git-fixes)
  • arm64: dts: freescale: Fix pca954x i2c-mux node names (git-fixes)
  • arm64: dts: imx8mm-nitrogen-r2: fix WM8960 clock name (git-fixes).
  • arm64: dts: imx8mn: specify #sound-dai-cells for SAI nodes (git-fixes).
  • arm64: dts: imx8mp-phycore-som: Remove invalid PMIC property (git-fixes)
  • arm64: dts: imx8mp: correct usb clocks (git-fixes)
  • arm64: dts: imx8mq: add mipi csi phy and csi bridge descriptions (git-fixes)
  • arm64: dts: imx8mq: fix mipi_csi bidirectional port numbers (git-fixes)
  • arm64: dts: qcom: sm8350: Mark UFS controller as cache coherent (git-fixes).
  • atm: idt77252: fix kmemleak when rmmod idt77252 (git-fixes).
  • ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx() (git-fixes).
  • ca8210: fix mac_len negative array access (git-fixes).
  • can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write (git-fixes).
  • cifs: Fix smb2_set_path_size() (git-fixes).
  • cifs: Move the in_send statistic to __smb_send_rqst() (git-fixes).
  • cifs: append path to open_enter trace event (bsc#1193629).
  • cifs: avoid race conditions with parallel reconnects (bsc#1193629).
  • cifs: avoid races in parallel reconnects in smb1 (bsc#1193629).
  • cifs: check only tcon status on tcon related functions (bsc#1193629).
  • cifs: do not poll server interfaces too regularly (bsc#1193629).
  • cifs: dump pending mids for all channels in DebugData (bsc#1193629).
  • cifs: empty interface list when server does not support query interfaces (bsc#1193629).
  • cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL (bsc#1193629).
  • cifs: fix dentry lookups in directory handle cache (bsc#1193629).
  • cifs: fix missing unload_nls() in smb2_reconnect() (bsc#1193629).
  • cifs: fix use-after-free bug in refresh_cache_worker() (bsc#1193629).
  • cifs: generate signkey for the channel that's reconnecting (bsc#1193629).
  • cifs: get rid of dead check in smb2_reconnect() (bsc#1193629).
  • cifs: lock chan_lock outside match_session (bsc#1193629).
  • cifs: prevent infinite recursion in CIFSGetDFSRefer() (bsc#1193629).
  • cifs: print session id while listing open files (bsc#1193629).
  • cifs: return DFS root session id in DebugData (bsc#1193629).
  • cifs: set DFS root session in cifs_get_smb_ses() (bsc#1193629).
  • cifs: use DFS root session instead of tcon ses (bsc#1193629).
  • drivers/base: Fix unsigned comparison to -1 in CPUMAP_FILE_MAX_BYTES (bsc#1208815).
  • drivers/base: fix userspace break from using bin_attributes for cpumap and cpulist (bsc#1208815).
  • drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes (git-fixes).
  • drm/amdkfd: Fix an illegal memory access (git-fixes).
  • drm/bridge: lt8912b: return EPROBE_DEFER if bridge is not found (git-fixes).
  • drm/i915/active: Fix missing debug object activation (git-fixes).
  • drm/i915/active: Fix misuse of non-idle barriers as fence trackers (git-fixes).
  • drm/i915/display/psr: Handle plane and pipe restrictions at every page flip (git-fixes).
  • drm/i915/display/psr: Use drm damage helpers to calculate plane damaged area (git-fixes).
  • drm/i915/display: Workaround cursor left overs with PSR2 selective fetch enabled (git-fixes).
  • drm/i915/display: clean up comments (git-fixes).
  • drm/i915/gt: perform uc late init after probe error injection (git-fixes).
  • drm/i915/psr: Use calculated io and fast wake lines (git-fixes).
  • drm/i915/tc: Fix the ICL PHY ownership check in TC-cold state (git-fixes).
  • drm/i915: Do not use BAR mappings for ring buffers with LLC (git-fixes).
  • drm/i915: Do not use stolen memory for ring buffers with LLC (git-fixes).
  • drm/i915: Preserve crtc_state->inherited during state clearing (git-fixes).
  • drm/i915: Remove unused bits of i915_vma/active api (git-fixes).
  • efi: sysfb_efi: Fix DMI quirks not working for simpledrm (git-fixes).
  • fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks (git-fixes).
  • firmware: arm_scmi: Fix device node validation for mailbox transport (git-fixes).
  • hwmon: fix potential sensor registration fail if of_node is missing (git-fixes).
  • i2c: hisi: Only use the completion interrupt to finish the transfer (git-fixes).
  • i2c: imx-lpi2c: check only for enabled interrupt flags (git-fixes).
  • i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (git-fixes).
  • kABI: x86/msr: Remove .fixup usage (kabi).
  • kconfig: Update config changed flag before calling callback (git-fixes).
  • lan78xx: Add missing return code checks (git-fixes).
  • lan78xx: Fix exception on link speed change (git-fixes).
  • lan78xx: Fix memory allocation bug (git-fixes).
  • lan78xx: Fix partial packet errors on suspend/resume (git-fixes).
  • lan78xx: Fix race condition in disconnect handling (git-fixes).
  • lan78xx: Fix race conditions in suspend/resume handling (git-fixes).
  • lan78xx: Fix white space and style issues (git-fixes).
  • lan78xx: Remove unused pause frame queue (git-fixes).
  • lan78xx: Remove unused timer (git-fixes).
  • lan78xx: Set flow control threshold to prevent packet loss (git-fixes).
  • lockd: set file_lock start and end when decoding nlm4 testargs (git-fixes).
  • locking/rwbase: Mitigate indefinite writer starvation (bsc#1189998 (PREEMPT_RT prerequisite backports), bsc#1206552).
  • mm: memcg: fix swapcached stat accounting (bsc#1209804).
  • mmc: atmel-mci: fix race between stop command and start of next command (git-fixes).
  • mtd: rawnand: meson: invalidate cache on polling ECC bit (git-fixes).
  • net: asix: fix modprobe 'sysfs: cannot create duplicate filename' (git-fixes).
  • net: mdio: thunder: Add missing fwnode_handle_put() (git-fixes).
  • net: phy: Ensure state transitions are processed from phy_stop() (git-fixes).
  • net: phy: dp83869: fix default value for tx-/rx-internal-delay (git-fixes).
  • net: phy: nxp-c45-tja11xx: fix MII_BASIC_CONFIG_REV bit (git-fixes).
  • net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails (git-fixes).
  • net: qcom/emac: Fix use after free bug in emac_remove due to race condition (git-fixes).
  • net: usb: asix: remove redundant assignment to variable reg (git-fixes).
  • net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990 (git-fixes).
  • net: usb: lan78xx: Limit packet length to skb->len (git-fixes).
  • net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).
  • net: usb: smsc95xx: Limit packet length to skb->len (git-fixes).
  • net: usb: use eth_hw_addr_set() (git-fixes).
  • nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() (git-fixes).
  • nvme-tcp: always fail a request when sending it failed (bsc#1208902).
  • pinctrl: amd: Disable and mask interrupts on resume (git-fixes).
  • pinctrl: at91-pio4: fix domain name assignment (git-fixes).
  • pinctrl: ocelot: Fix alt mode for ocelot (git-fixes).
  • platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl (git-fixes).
  • platform/x86/intel/pmc: Alder Lake PCH slp_s0_residency fix (git-fixes).
  • platform/x86: think-lmi: Add possible_values for ThinkStation (git-fixes).
  • platform/x86: think-lmi: Certificate authentication support (bsc#1210050).
  • platform/x86: think-lmi: Move kobject_init() call into tlmi_create_auth() (bsc#1210050).
  • platform/x86: think-lmi: Opcode support (bsc#1210050).
  • platform/x86: think-lmi: Prevent underflow in index_store() (bsc#1210050).
  • platform/x86: think-lmi: Simplify tlmi_analyze() error handling a bit (bsc#1210050).
  • platform/x86: think-lmi: Use min_t() for comparison and assignment (bsc#1210050).
  • platform/x86: think-lmi: add debug_cmd (bsc#1210050).
  • platform/x86: think-lmi: add missing type attribute (git-fixes).
  • platform/x86: think-lmi: certificate support clean ups (bsc#1210050).
  • platform/x86: think-lmi: only display possible_values if available (git-fixes).
  • platform/x86: think-lmi: use correct possible_values delimiters (git-fixes).
  • platform/x86: thinkpad-acpi: Add support for automatic mode transitions (bsc#1210050).
  • platform/x86: thinkpad-acpi: Enable AMT by default on supported systems (bsc#1210050).
  • platform/x86: thinkpad-acpi: profile capabilities as integer (bsc#1210050).
  • platform/x86: thinkpad_acpi: Accept ibm_init_struct.init() returning -ENODEV (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add LED_RETAIN_AT_SHUTDOWN to led_class_devs (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add PSC mode support (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add a s2idle resume quirk for a number of laptops (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add dual fan probe (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add dual-fan quirk for T15g (2nd gen) (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add hotkey_notify_extended_hotkey() helper (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add lid_logo_dot to the list of safe LEDs (bsc#1210050).
  • platform/x86: thinkpad_acpi: Add quirk for ThinkPads without a fan (bsc#1210050).
  • platform/x86: thinkpad_acpi: Cleanup dytc_profile_available (bsc#1210050).
  • platform/x86: thinkpad_acpi: Convert btusb DMI list to quirks (bsc#1210050).
  • platform/x86: thinkpad_acpi: Convert platform driver to use dev_groups (bsc#1210050).
  • platform/x86: thinkpad_acpi: Correct dual fan probe (bsc#1210050).
  • platform/x86: thinkpad_acpi: Do not use test_bit on an integer (bsc#1210050).
  • platform/x86: thinkpad_acpi: Enable s2idle quirk for 21A1 machine type (bsc#1210050).
  • platform/x86: thinkpad_acpi: Explicitly set to balanced mode on startup (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix coccinelle warnings (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix compiler warning about uninitialized err variable (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix incorrect use of platform profile on AMD platforms (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix max_brightness of thinklight (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix profile mode display in AMT mode (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix profile modes on Intel platforms (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix reporting a non present second fan on some models (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix the hwmon sysfs-attr showing up in the wrong place (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix thermal_temp_input_attr sorting (bsc#1210050).
  • platform/x86: thinkpad_acpi: Fix thinklight LED brightness returning 255 (bsc#1210050).
  • platform/x86: thinkpad_acpi: Get privacy-screen / lcdshadow ACPI handles only once (bsc#1210050).
  • platform/x86: thinkpad_acpi: Make *_init() functions return -ENODEV instead of 1 (bsc#1210050).
  • platform/x86: thinkpad_acpi: Properly indent code in tpacpi_dytc_profile_init() (bsc#1210050).
  • platform/x86: thinkpad_acpi: Register tpacpi_pdriver after subdriver init (bsc#1210050).
  • platform/x86: thinkpad_acpi: Remove 'goto err_exit' from hotkey_init() (bsc#1210050).
  • platform/x86: thinkpad_acpi: Remove unused sensors_pdev_attrs_registered flag (bsc#1210050).
  • platform/x86: thinkpad_acpi: Restore missing hotkey_tablet_mode and hotkey_radio_sw sysfs-attr (bsc#1210050).
  • platform/x86: thinkpad_acpi: Simplify dytc_version handling (bsc#1210050).
  • platform/x86: thinkpad_acpi: Switch to common use of attributes (bsc#1210050).
  • platform/x86: thinkpad_acpi: Use backlight helper (bsc#1210050).
  • platform/x86: thinkpad_acpi: clean up dytc profile convert (bsc#1210050).
  • platform/x86: thinkpad_acpi: consistently check fan_get_status return (bsc#1210050).
  • platform/x86: thinkpad_acpi: do not use PSC mode on Intel platforms (bsc#1210050).
  • platform/x86: thinkpad_acpi: tpacpi_attr_group contains driver attributes not device attrs (bsc#1210050).
  • platform/x86: thinkpad_acpi: use strstarts() (bsc#1210050).
  • power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (git-fixes).
  • powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch (bsc#1194869).
  • powerpc/btext: add missing of_node_put (bsc#1065729).
  • powerpc/ioda/iommu/debugfs: Generate unique debugfs entries (bsc#1194869).
  • powerpc/iommu: Add missing of_node_put in iommu_init_early_dart (bsc#1194869).
  • powerpc/iommu: fix memory leak with using debugfs_lookup() (bsc#1194869).
  • powerpc/kcsan: Exclude udelay to prevent recursive instrumentation (bsc#1194869).
  • powerpc/kexec_file: fix implicit decl error (bsc#1194869).
  • powerpc/powernv/ioda: Skip unallocated resources when mapping to PE (bsc#1065729).
  • powerpc/powernv: fix missing of_node_put in uv_init() (bsc#1194869).
  • powerpc/pseries/lpar: add missing RTAS retry status handling (bsc#1109158 ltc#169177 git-fixes).
  • powerpc/pseries/lparcfg: add missing RTAS retry status handling (bsc#1065729).
  • powerpc/rtas: ensure 4KB alignment for rtas_data_buf (bsc#1065729).
  • powerpc/vmlinux.lds: Define RUNTIME_DISCARD_EXIT (bsc#1194869).
  • powerpc/vmlinux.lds: Do not discard .comment (bsc#1194869).
  • powerpc/vmlinux.lds: Do not discard .rela* for relocatable builds (bsc#1194869).
  • powerpc/xmon: Fix -Wswitch-unreachable warning in bpt_cmds (bsc#1194869).
  • powerpc: Remove linker flag from KBUILD_AFLAGS (bsc#1194869).
  • r8169: fix RTL8168H and RTL8107E rx crc error (git-fixes).
  • regulator: Handle deferred clk (git-fixes).
  • remove 'PCI: hv: Use async probing to reduce boot time' (bsc#1207185).
  • rpm/config.sh: Disable DT build. This setting has been ignored for non-default variants so far.
  • rpm/constraints.in: increase the disk size for armv6/7 to 24GB It grows and the build fails recently on SLE15-SP4/5.
  • s390/boot: simplify and fix kernel memory layout setup (bsc#1209600).
  • s390/dasd: fix no record found for raw_track_access (bsc#1207574).
  • s390/vfio-ap: fix memory leak in vfio_ap device driver (git-fixes).
  • sbitmap: Avoid lockups when waker gets preempted (bsc#1209118).
  • sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1209799).
  • scsi: qla2xxx: Synchronize the IOCB count to be in order (bsc#1209292 bsc#1209684 bsc#1209556).
  • sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list (bsc#1208602, git-fixes).
  • serial: 8250: ASPEED_VUART: select REGMAP instead of depending on it (git-fixes).
  • serial: 8250: SERIAL_8250_ASPEED_VUART should depend on ARCH_ASPEED (git-fixes).
  • serial: fsl_lpuart: Fix comment typo (git-fixes).
  • smb3: fix unusable share after force unmount failure (bsc#1193629).
  • smb3: lower default deferred close timeout to address perf regression (bsc#1193629).
  • thunderbolt: Add missing UNSET_INBOUND_SBTX for retimer access (git-fixes).
  • thunderbolt: Call tb_check_quirks() after initializing adapters (git-fixes).
  • thunderbolt: Disable interrupt auto clear for rings (git-fixes).
  • thunderbolt: Rename shadowed variables bit to interrupt_bit and auto_clear_bit (git-fixes).
  • thunderbolt: Use const qualifier for ring_interrupt_index (git-fixes).
  • thunderbolt: Use scale field when allocating USB3 bandwidth (git-fixes).
  • tty: serial: fsl_lpuart: skip waiting for transmission complete when UARTCTRL_SBK is asserted (git-fixes).
  • uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2 (git-fixes).
  • vdpa_sim: set last_used_idx as last_avail_idx in vdpasim_queue_ready (git-fixes).
  • wifi: mac80211: fix qos on mesh interfaces (git-fixes).
  • x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes).
  • x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes).
  • x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes).
  • x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes).
  • x86/fpu: Cache xfeature flags from CPUID (git-fixes).
  • x86/fpu: Remove unused supervisor only offsets (git-fixes).
  • x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes).
  • x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
  • x86/mce: Allow instrumentation during task work queueing (git-fixes).
  • x86/mce: Mark mce_end() noinstr (git-fixes).
  • x86/mce: Mark mce_panic() noinstr (git-fixes).
  • x86/mce: Mark mce_read_aux() noinstr (git-fixes).
  • x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes).
  • x86/msr: Remove .fixup usage (git-fixes).
  • x86/sgx: Free backing memory after faulting the enclave page (git-fixes).
  • x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes).
  • x86/uaccess: Move variable into switch case statement (git-fixes).
  • x86: Annotate call_on_stack() (git-fixes).
  • x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
  • xfs: convert ptag flags to unsigned (git-fixes).
  • xfs: do not assert fail on perag references on teardown (git-fixes).
  • xfs: do not leak btree cursor when insrec fails after a split (git-fixes).
  • xfs: pass the correct cursor to xfs_iomap_prealloc_size (git-fixes).
  • xfs: remove xfs_setattr_time() declaration (git-fixes).
  • xfs: zero inode fork buffer at allocation (git-fixes).
  • xirc2ps_cs: Fix use after free bug in xirc2ps_detach (git-fixes).
Package Affected Version
pkg:rpm/suse/reiserfs-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/reiserfs-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/ocfs2-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/ocfs2-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kselftests-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kselftests-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-syms-azure?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-syms-azure?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-source-azure?arch=noarch&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-devel-azure?arch=noarch&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure-optional?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure-optional?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure-livepatch-devel?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure-livepatch-devel?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure-extra?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure-extra?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure-devel?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/kernel-azure-devel?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/gfs2-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/gfs2-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/dlm-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/dlm-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/cluster-md-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
pkg:rpm/suse/cluster-md-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 < 5.14.21-150400.14.43.1
ID
SUSE-SU-2023:1802-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2023/suse-su-20231802-1/
Published
2023-04-10T08:30:48
(17 months ago)
Modified
2023-04-10T08:30:48
(17 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1802-1.json
Suse URL for SUSE-SU-2023:1802-1 https://www.suse.com/support/update/announcement/2023/suse-su-20231802-1/
Suse E-Mail link for SUSE-SU-2023:1802-1 https://lists.suse.com/pipermail/sle-updates/2023-April/028740.html
Bugzilla SUSE Bug 1065729 https://bugzilla.suse.com/1065729
Bugzilla SUSE Bug 1109158 https://bugzilla.suse.com/1109158
Bugzilla SUSE Bug 1189998 https://bugzilla.suse.com/1189998
Bugzilla SUSE Bug 1193629 https://bugzilla.suse.com/1193629
Bugzilla SUSE Bug 1194869 https://bugzilla.suse.com/1194869
Bugzilla SUSE Bug 1198400 https://bugzilla.suse.com/1198400
Bugzilla SUSE Bug 1203200 https://bugzilla.suse.com/1203200
Bugzilla SUSE Bug 1206552 https://bugzilla.suse.com/1206552
Bugzilla SUSE Bug 1207168 https://bugzilla.suse.com/1207168
Bugzilla SUSE Bug 1207185 https://bugzilla.suse.com/1207185
Bugzilla SUSE Bug 1207574 https://bugzilla.suse.com/1207574
Bugzilla SUSE Bug 1208602 https://bugzilla.suse.com/1208602
Bugzilla SUSE Bug 1208815 https://bugzilla.suse.com/1208815
Bugzilla SUSE Bug 1208902 https://bugzilla.suse.com/1208902
Bugzilla SUSE Bug 1209052 https://bugzilla.suse.com/1209052
Bugzilla SUSE Bug 1209118 https://bugzilla.suse.com/1209118
Bugzilla SUSE Bug 1209256 https://bugzilla.suse.com/1209256
Bugzilla SUSE Bug 1209290 https://bugzilla.suse.com/1209290
Bugzilla SUSE Bug 1209292 https://bugzilla.suse.com/1209292
Bugzilla SUSE Bug 1209366 https://bugzilla.suse.com/1209366
Bugzilla SUSE Bug 1209532 https://bugzilla.suse.com/1209532
Bugzilla SUSE Bug 1209547 https://bugzilla.suse.com/1209547
Bugzilla SUSE Bug 1209556 https://bugzilla.suse.com/1209556
Bugzilla SUSE Bug 1209600 https://bugzilla.suse.com/1209600
Bugzilla SUSE Bug 1209634 https://bugzilla.suse.com/1209634
Bugzilla SUSE Bug 1209635 https://bugzilla.suse.com/1209635
Bugzilla SUSE Bug 1209636 https://bugzilla.suse.com/1209636
Bugzilla SUSE Bug 1209681 https://bugzilla.suse.com/1209681
Bugzilla SUSE Bug 1209684 https://bugzilla.suse.com/1209684
Bugzilla SUSE Bug 1209779 https://bugzilla.suse.com/1209779
Bugzilla SUSE Bug 1209788 https://bugzilla.suse.com/1209788
Bugzilla SUSE Bug 1209798 https://bugzilla.suse.com/1209798
Bugzilla SUSE Bug 1209799 https://bugzilla.suse.com/1209799
Bugzilla SUSE Bug 1209804 https://bugzilla.suse.com/1209804
Bugzilla SUSE Bug 1209805 https://bugzilla.suse.com/1209805
Bugzilla SUSE Bug 1210050 https://bugzilla.suse.com/1210050
CVE SUSE CVE CVE-2017-5753 page https://www.suse.com/security/cve/CVE-2017-5753/
CVE SUSE CVE CVE-2022-4744 page https://www.suse.com/security/cve/CVE-2022-4744/
CVE SUSE CVE CVE-2023-0394 page https://www.suse.com/security/cve/CVE-2023-0394/
CVE SUSE CVE CVE-2023-1281 page https://www.suse.com/security/cve/CVE-2023-1281/
CVE SUSE CVE CVE-2023-1513 page https://www.suse.com/security/cve/CVE-2023-1513/
CVE SUSE CVE CVE-2023-1582 page https://www.suse.com/security/cve/CVE-2023-1582/
CVE SUSE CVE CVE-2023-1637 page https://www.suse.com/security/cve/CVE-2023-1637/
CVE SUSE CVE CVE-2023-1652 page https://www.suse.com/security/cve/CVE-2023-1652/
CVE SUSE CVE CVE-2023-28327 page https://www.suse.com/security/cve/CVE-2023-28327/
CVE SUSE CVE CVE-2023-28464 page https://www.suse.com/security/cve/CVE-2023-28464/
CVE SUSE CVE CVE-2023-28466 page https://www.suse.com/security/cve/CVE-2023-28466/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/reiserfs-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 suse reiserfs-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/reiserfs-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 suse reiserfs-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/ocfs2-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 suse ocfs2-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/ocfs2-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 suse ocfs2-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/kselftests-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 suse kselftests-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/kselftests-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 suse kselftests-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/kernel-syms-azure?arch=x86_64&distro=opensuse-leap-15.4 suse kernel-syms-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/kernel-syms-azure?arch=aarch64&distro=opensuse-leap-15.4 suse kernel-syms-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/kernel-source-azure?arch=noarch&distro=opensuse-leap-15.4 suse kernel-source-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 noarch
Affected pkg:rpm/suse/kernel-devel-azure?arch=noarch&distro=opensuse-leap-15.4 suse kernel-devel-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 noarch
Affected pkg:rpm/suse/kernel-azure?arch=x86_64&distro=opensuse-leap-15.4 suse kernel-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/kernel-azure?arch=aarch64&distro=opensuse-leap-15.4 suse kernel-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/kernel-azure-optional?arch=x86_64&distro=opensuse-leap-15.4 suse kernel-azure-optional < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/kernel-azure-optional?arch=aarch64&distro=opensuse-leap-15.4 suse kernel-azure-optional < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/kernel-azure-livepatch-devel?arch=x86_64&distro=opensuse-leap-15.4 suse kernel-azure-livepatch-devel < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/kernel-azure-livepatch-devel?arch=aarch64&distro=opensuse-leap-15.4 suse kernel-azure-livepatch-devel < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/kernel-azure-extra?arch=x86_64&distro=opensuse-leap-15.4 suse kernel-azure-extra < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/kernel-azure-extra?arch=aarch64&distro=opensuse-leap-15.4 suse kernel-azure-extra < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/kernel-azure-devel?arch=x86_64&distro=opensuse-leap-15.4 suse kernel-azure-devel < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/kernel-azure-devel?arch=aarch64&distro=opensuse-leap-15.4 suse kernel-azure-devel < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/gfs2-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 suse gfs2-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/gfs2-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 suse gfs2-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/dlm-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 suse dlm-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/dlm-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 suse dlm-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
Affected pkg:rpm/suse/cluster-md-kmp-azure?arch=x86_64&distro=opensuse-leap-15.4 suse cluster-md-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 x86_64
Affected pkg:rpm/suse/cluster-md-kmp-azure?arch=aarch64&distro=opensuse-leap-15.4 suse cluster-md-kmp-azure < 5.14.21-150400.14.43.1 opensuse-leap-15.4 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date