[SUSE-SU-2023:2537-1] Security update for the Linux Kernel
Severity
Important
Affected Packages
20
CVEs
13
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).
- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).
- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).
- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).
- CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).
- CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940 bsc#1211260).
- CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).
- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
- CVE-2023-1380: A slab-out-of-bound read problem was fixed in brcmf_get_assoc_ies(), that could lead to a denial of service (bsc#1209287).
- CVE-2023-2513: A use-after-free vulnerability was fixed in the ext4 filesystem, related to the way it handled the extra inode size for extended attributes (bsc#1211105).
- CVE-2023-2176: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege (bsc#1210629).
The following non-security bugs were fixed:
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
- ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).
- ID
- SUSE-SU-2023:2537-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
- Published
-
2023-06-19T07:54:38
(15 months ago) - Modified
-
2023-06-19T07:54:38
(15 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2023-1744
- ALAS2-2023-2027
- ALAS2-2023-2035
- ALSA-2023:2458
- ALSA-2023:2951
- ALSA-2023:3723
- ALSA-2023:4517
- ALSA-2023:7077
- ALSA-2023:7549
- ALSA-2024:0897
- DSA-5402-1
- DSA-5448-1
- DSA-5480-1
- ELSA-2023-12199
- ELSA-2023-12200
- ELSA-2023-12206
- ELSA-2023-12207
- ELSA-2023-12688
- ELSA-2023-12842
- ELSA-2023-2458
- ELSA-2023-2951
- ELSA-2023-3723
- ELSA-2023-4517
- ELSA-2023-7077
- ELSA-2023-7549
- ELSA-2024-0461
- ELSA-2024-0897
- ELSA-2024-12094
- ELSA-2024-12187
- ELSA-2024-12610
- ELSA-2024-12612
- ELSA-2024-1831
- FEDORA-2023-4426b7005f
- FEDORA-2023-75b22000cd
- MS:CVE-2023-2513
- MS:CVE-2023-31436
- RHSA-2023:2148
- RHSA-2023:2458
- RHSA-2023:2736
- RHSA-2023:2951
- RHSA-2023:3708
- RHSA-2023:3723
- RHSA-2023:4517
- RHSA-2023:4541
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2023:7548
- RHSA-2023:7549
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:1323
- RLSA-2023:4517
- RLSA-2023:7549
- SSA:2023-172-02
- SSA:2023-325-01
- SUSE-SU-2022:4504-1
- SUSE-SU-2022:4585-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2023:2140-1
- SUSE-SU-2023:2141-1
- SUSE-SU-2023:2146-1
- SUSE-SU-2023:2147-1
- SUSE-SU-2023:2148-1
- SUSE-SU-2023:2231-1
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2501-1
- SUSE-SU-2023:2502-1
- SUSE-SU-2023:2506-1
- SUSE-SU-2023:2507-1
- SUSE-SU-2023:2534-1
- SUSE-SU-2023:2538-1
- SUSE-SU-2023:2611-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2651-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2660-1
- SUSE-SU-2023:2666-1
- SUSE-SU-2023:2679-1
- SUSE-SU-2023:2680-1
- SUSE-SU-2023:2681-1
- SUSE-SU-2023:2686-1
- SUSE-SU-2023:2687-1
- SUSE-SU-2023:2689-1
- SUSE-SU-2023:2690-1
- SUSE-SU-2023:2694-1
- SUSE-SU-2023:2695-1
- SUSE-SU-2023:2697-1
- SUSE-SU-2023:2698-1
- SUSE-SU-2023:2700-1
- SUSE-SU-2023:2701-1
- SUSE-SU-2023:2702-1
- SUSE-SU-2023:2703-1
- SUSE-SU-2023:2708-1
- SUSE-SU-2023:2709-1
- SUSE-SU-2023:2710-1
- SUSE-SU-2023:2714-1
- SUSE-SU-2023:2718-1
- SUSE-SU-2023:2719-1
- SUSE-SU-2023:2720-1
- SUSE-SU-2023:2721-1
- SUSE-SU-2023:2724-1
- SUSE-SU-2023:2727-1
- SUSE-SU-2023:2731-1
- SUSE-SU-2023:2734-1
- SUSE-SU-2023:2735-1
- SUSE-SU-2023:2741-1
- SUSE-SU-2023:2743-1
- SUSE-SU-2023:2755-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2805-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3333-1
- SUSE-SU-2023:3566-1
- SUSE-SU-2023:3576-1
- SUSE-SU-2023:3582-1
- SUSE-SU-2023:3592-1
- SUSE-SU-2023:3594-1
- SUSE-SU-2023:3595-1
- SUSE-SU-2023:3596-1
- SUSE-SU-2023:3603-1
- SUSE-SU-2023:3607-1
- SUSE-SU-2023:3612-1
- SUSE-SU-2023:3623-1
- SUSE-SU-2023:3627-1
- SUSE-SU-2023:3629-1
- SUSE-SU-2023:3630-1
- SUSE-SU-2023:3644-1
- SUSE-SU-2023:3647-1
- SUSE-SU-2023:3668-1
- SUSE-SU-2023:3671-1
- SUSE-SU-2024:0112-1
- SUSE-SU-2024:2010-1
- SUSE-SU-2024:2183-1
- SUSE-SU-2024:2185-1
- USN-5754-1
- USN-5754-2
- USN-5755-1
- USN-5755-2
- USN-5756-1
- USN-5756-2
- USN-5756-3
- USN-5757-1
- USN-5757-2
- USN-5758-1
- USN-5773-1
- USN-5774-1
- USN-5779-1
- USN-5789-1
- USN-6079-1
- USN-6080-1
- USN-6081-1
- USN-6084-1
- USN-6085-1
- USN-6090-1
- USN-6091-1
- USN-6092-1
- USN-6094-1
- USN-6095-1
- USN-6096-1
- USN-6109-1
- USN-6118-1
- USN-6127-1
- USN-6130-1
- USN-6131-1
- USN-6132-1
- USN-6133-1
- USN-6134-1
- USN-6135-1
- USN-6149-1
- USN-6150-1
- USN-6162-1
- USN-6173-1
- USN-6175-1
- USN-6186-1
- USN-6194-1
- USN-6222-1
- USN-6224-1
- USN-6228-1
- USN-6231-1
- USN-6235-1
- USN-6254-1
- USN-6256-1
- USN-6284-1
- USN-6300-1
- USN-6301-1
- USN-6309-1
- USN-6311-1
- USN-6312-1
- USN-6314-1
- USN-6327-1
- USN-6331-1
- USN-6332-1
- USN-6337-1
- USN-6338-1
- USN-6338-2
- USN-6339-1
- USN-6339-2
- USN-6339-3
- USN-6339-4
- USN-6340-1
- USN-6340-2
- USN-6342-1
- USN-6342-2
- USN-6344-1
- USN-6347-1
- USN-6349-1
- USN-6350-1
- USN-6351-1
- USN-6357-1
- USN-6385-1
- USN-6388-1
- USN-6397-1
- USN-6412-1
- USN-6460-1
- USN-6466-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=4 | suse | kernel-syms | < 4.12.14-95.128.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=4 | suse | kernel-syms | < 4.12.14-95.128.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=4 | suse | kernel-syms | < 4.12.14-95.128.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=4 | suse | kernel-syms | < 4.12.14-95.128.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=4 | suse | kernel-source | < 4.12.14-95.128.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=4 | suse | kernel-macros | < 4.12.14-95.128.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=4 | suse | kernel-devel | < 4.12.14-95.128.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=4 | suse | kernel-default | < 4.12.14-95.128.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=4 | suse | kernel-default | < 4.12.14-95.128.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=4 | suse | kernel-default | < 4.12.14-95.128.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=4 | suse | kernel-default | < 4.12.14-95.128.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=4 | suse | kernel-default-man | < 4.12.14-95.128.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=4 | suse | kernel-default-devel | < 4.12.14-95.128.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=4 | suse | kernel-default-devel | < 4.12.14-95.128.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=4 | suse | kernel-default-devel | < 4.12.14-95.128.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=4 | suse | kernel-default-devel | < 4.12.14-95.128.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=4 | suse | kernel-default-base | < 4.12.14-95.128.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=4 | suse | kernel-default-base | < 4.12.14-95.128.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=4 | suse | kernel-default-base | < 4.12.14-95.128.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=4 | suse | kernel-default-base | < 4.12.14-95.128.1 | sles-12 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |