[SUSE-SU-2023:2147-1] Security update for the Linux Kernel

Severity Important
Affected Packages 1
CVEs 15

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2023-2124: Fixed an out-of-bounds access in the XFS subsystem that could have led to denial of service or potentially privilege escalation (bsc#1210498).
  • CVE-2023-1872: Fixed a use-after-free vulnerability in the io_uring subsystem, which could lead to local privilege escalation (bsc#1210414).
  • CVE-2022-2196: Fixed a regression related to KVM that allowed for speculative execution attacks (bsc#1206992).
  • CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
  • CVE-2023-2162: Fixed a use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
  • CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. Improper cleanup results in an out-of-bounds read, which a local user can use to crash the system or escalate privileges (bsc#1210629).
  • CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
  • CVE-2023-30772: Fixed a race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
  • CVE-2023-2008: A flaw was found in the fault handler of the udmabuf device driver. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code (bsc#1210453).
  • CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
  • CVE-2020-36691: Fixed a denial of service vulnerability via a nested Netlink policy with a back reference (bsc#1209777).
  • CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
  • CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
  • CVE-2023-1611: Fixed a use-after-free flaw in btrfs_search_slot (bsc#1209687).
  • CVE-2023-1838: Fixed a use-after-free flaw in the virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak (bsc#1210203).

The following non-security bugs were fixed:

  • Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
  • cifs: fix negotiate context parsing (bsc#1210301).
  • keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
  • vmxnet3: use gro callback when UPT is enabled (bsc#1209739).
Package Affected Version
pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 < 5.3.18-150300.127.1
ID SUSE-SU-2023:2147-1
Severity important
URL https://www.suse.com/support/update/announcement/2023/suse-su-20232147-1/
Published 2023-05-09T15:04:16
Modified 2023-05-09T15:04:16
Rights Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2147-1.json
Suse URL for SUSE-SU-2023:2147-1 https://www.suse.com/support/update/announcement/2023/suse-su-20232147-1/
Suse E-Mail link for SUSE-SU-2023:2147-1 https://lists.suse.com/pipermail/sle-updates/2023-May/029301.html
Bugzilla SUSE Bug 1202353 https://bugzilla.suse.com/1202353
Bugzilla SUSE Bug 1206992 https://bugzilla.suse.com/1206992
Bugzilla SUSE Bug 1207088 https://bugzilla.suse.com/1207088
Bugzilla SUSE Bug 1209687 https://bugzilla.suse.com/1209687
Bugzilla SUSE Bug 1209739 https://bugzilla.suse.com/1209739
Bugzilla SUSE Bug 1209777 https://bugzilla.suse.com/1209777
Bugzilla SUSE Bug 1209871 https://bugzilla.suse.com/1209871
Bugzilla SUSE Bug 1210202 https://bugzilla.suse.com/1210202
Bugzilla SUSE Bug 1210203 https://bugzilla.suse.com/1210203
Bugzilla SUSE Bug 1210301 https://bugzilla.suse.com/1210301
Bugzilla SUSE Bug 1210329 https://bugzilla.suse.com/1210329
Bugzilla SUSE Bug 1210336 https://bugzilla.suse.com/1210336
Bugzilla SUSE Bug 1210337 https://bugzilla.suse.com/1210337
Bugzilla SUSE Bug 1210414 https://bugzilla.suse.com/1210414
Bugzilla SUSE Bug 1210453 https://bugzilla.suse.com/1210453
Bugzilla SUSE Bug 1210469 https://bugzilla.suse.com/1210469
Bugzilla SUSE Bug 1210498 https://bugzilla.suse.com/1210498
Bugzilla SUSE Bug 1210506 https://bugzilla.suse.com/1210506
Bugzilla SUSE Bug 1210629 https://bugzilla.suse.com/1210629
Bugzilla SUSE Bug 1210647 https://bugzilla.suse.com/1210647
CVE SUSE CVE CVE-2020-36691 page https://www.suse.com/security/cve/CVE-2020-36691/
CVE SUSE CVE CVE-2022-2196 page https://www.suse.com/security/cve/CVE-2022-2196/
CVE SUSE CVE CVE-2023-1611 page https://www.suse.com/security/cve/CVE-2023-1611/
CVE SUSE CVE CVE-2023-1670 page https://www.suse.com/security/cve/CVE-2023-1670/
CVE SUSE CVE CVE-2023-1838 page https://www.suse.com/security/cve/CVE-2023-1838/
CVE SUSE CVE CVE-2023-1855 page https://www.suse.com/security/cve/CVE-2023-1855/
CVE SUSE CVE CVE-2023-1872 page https://www.suse.com/security/cve/CVE-2023-1872/
CVE SUSE CVE CVE-2023-1989 page https://www.suse.com/security/cve/CVE-2023-1989/
CVE SUSE CVE CVE-2023-1990 page https://www.suse.com/security/cve/CVE-2023-1990/
CVE SUSE CVE CVE-2023-1998 page https://www.suse.com/security/cve/CVE-2023-1998/
CVE SUSE CVE CVE-2023-2008 page https://www.suse.com/security/cve/CVE-2023-2008/
CVE SUSE CVE CVE-2023-2124 page https://www.suse.com/security/cve/CVE-2023-2124/
CVE SUSE CVE CVE-2023-2162 page https://www.suse.com/security/cve/CVE-2023-2162/
CVE SUSE CVE CVE-2023-2176 page https://www.suse.com/security/cve/CVE-2023-2176/
CVE SUSE CVE CVE-2023-30772 page https://www.suse.com/security/cve/CVE-2023-30772/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 suse kernel-rt < 5.3.18-150300.127.1 slem-5 x86_64