1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2023:2805-1

[SUSE-SU-2023:2805-1] Security update for the Linux Kernel

Severity Important
Affected Packages 7
CVEs 38
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
  • CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).
  • CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to dvb_register_device dynamically allocating fops (bsc#1205756).
  • CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a use-after-free when a device is disconnected (bsc#1205758).
  • CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
  • CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).
  • CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
  • CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
  • CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208600).
  • CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).
  • CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
  • CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).
  • CVE-2023-1380: Fixed a slab-out-of-bound read problem in brcmf_get_assoc_ies() (bsc#1209287).
  • CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).
  • CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
  • CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
  • CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
  • CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
  • CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
  • CVE-2023-1998: Fixed a use after free during login when accessing the shost ipaddress (bsc#1210506).
  • CVE-2023-2124: Fixed an out-of-bound access in the XFS subsystem that could have lead to denial-of-service or potentially privilege escalation (bsc#1210498).
  • CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
  • CVE-2023-2194: Fixed an out-of-bounds write vulnerability in the SLIMpro I2C device driver (bsc#1210715).
  • CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
  • CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
  • CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem (bsc#1211105).
  • CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
  • CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/uetooth/hci_conn.c (bsc#1209052).
  • CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).
  • CVE-2023-30772: Fixed race condition and resultant use-after-free in da9150_charger_remove (bsc#1210329).
  • CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).
  • CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
  • CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because lmax can exceed QFQ_MIN_LMAX (bsc#1210940).
  • CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).
  • CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
  • CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
  • CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).

The following non-security bugs were fixed:

  • Do not sign the vanilla kernel (bsc#1209008).
  • Drop dvb-core fix patch due to regression (bsc#1205758).
  • Revert CVE-2018-20784 due to regression (bsc#1126703).
  • binfmt_elf: Take the mmap lock when walking the VMA list (bsc#1209039 CVE-2023-1249).
  • bluetooth: Fix double free in hci_conn_cleanup (bsc#1209052 CVE-2023-28464).
  • bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (CVE-2023-1989 bsc#1210336).
  • btrfs: fix race between quota disable and quota assign ioctls (CVE-2023-1611 bsc#1209687).
  • do not fallthrough in cbq_classify and stop on TC_ACT_SHOT (bsc#1207036 CVE-2023-23454 bsc#1207125 CVE-2023-23455).
  • ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
  • ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878 bsc#1211105 CVE-2023-2513).
  • fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).
  • firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).
  • fix a mistake in the CVE-2023-0590 / bsc#1207795 backport
  • i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (bsc#1210715 CVE-2023-2194).
  • ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).
  • ipvlan:Fix out-of-bounds caused by unclear skb->cb (bsc#1212842 CVE-2023-3090).
  • kernel/sys.c: fix potential Spectre v1 issue (bsc#1209256 CVE-2017-5753).
  • kvm: initialize all of the kvm_debugregs structure before sending it to userspace (bsc#1209532 CVE-2023-1513).
  • media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).
  • media: dvb-core: Fix use-after-free due on race condition at dvb_net (CVE-2022-45886 bsc#1205760).
  • media: dvb-core: Fix use-after-free due to race at dvb_register_device() (CVE-2022-45884 bsc#1205756).
  • media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).
  • media: dvb-core: Fix use-after-free on race condition at dvb_frontend (CVE-2022-45885 bsc#1205758).
  • media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (bsc#1209291 CVE-2023-28328).
  • media: dvb_frontend: kABI workaround (CVE-2022-45885 bsc#1205758).
  • media: dvb_net: kABI workaround (CVE-2022-45886 bsc#1205760).
  • media: dvbdev: fix error logic at dvb_register_device() (CVE-2022-45884 bsc#1205756).
  • media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (CVE-2023-1118 bsc#1208837).
  • media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() (CVE-2022-45887 bsc#1205762).
  • memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).
  • net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (bsc#1210940 CVE-2023-31436).
  • netfilter: nf_tables: fix null deref due to zeroed list head (CVE-2023-1095 bsc#1208777).
  • netrom: Fix use-after-free caused by accept on already connected socket (bsc#1211186 CVE-2023-32269).
  • nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition (git-fixes bsc#1210337 CVE-2023-1990).
  • power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (CVE-2023-30772 bsc#1210329).
  • prlimit: do_prlimit needs to have a speculation check (bsc#1209256 CVE-2017-5753).
  • sched/rt: pick_next_rt_entity(): check list_entry (bsc#1208600 CVE-2023-1077).
  • scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (bsc#1210647 CVE-2023-2162).
  • seq_buf: Fix overflow in seq_buf_putmem_hex() (bsc#1209549 CVE-2023-28772).
  • tcp: Fix data races around icsk->icsk_af_ops (bsc#1204405 CVE-2022-3566).
  • tipc: fix NULL deref in tipc_link_xmit() (bsc#1209289 CVE-2023-1390).
  • wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (bsc#1209287 CVE-2023-1380).
  • x86/speculation: Allow enabling STIBP with legacy IBRS (bsc#1210506 CVE-2023-1998).
  • xfs: verify buffer contents when we skip log replay (bsc#1210498 CVE-2023-2124).
  • xirc2ps_cs: Fix use after free bug in xirc2ps_detach (bsc#1209871 CVE-2023-1670).
Package Affected Version
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=2 < 4.4.121-92.205.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=2 < 4.4.121-92.205.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=2 < 4.4.121-92.205.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=2 < 4.4.121-92.205.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=2 < 4.4.121-92.205.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=2 < 4.4.121-92.205.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=2 < 4.4.121-92.205.1
ID
SUSE-SU-2023:2805-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2023/suse-su-20232805-1/
Published
2023-07-11T04:31:55
(14 months ago)
Modified
2023-07-11T04:31:55
(14 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2805-1.json
Suse URL for SUSE-SU-2023:2805-1 https://www.suse.com/support/update/announcement/2023/suse-su-20232805-1/
Suse E-Mail link for SUSE-SU-2023:2805-1 https://lists.suse.com/pipermail/sle-security-updates/2023-July/015468.html
Bugzilla SUSE Bug 1126703 https://bugzilla.suse.com/1126703
Bugzilla SUSE Bug 1204405 https://bugzilla.suse.com/1204405
Bugzilla SUSE Bug 1205756 https://bugzilla.suse.com/1205756
Bugzilla SUSE Bug 1205758 https://bugzilla.suse.com/1205758
Bugzilla SUSE Bug 1205760 https://bugzilla.suse.com/1205760
Bugzilla SUSE Bug 1205762 https://bugzilla.suse.com/1205762
Bugzilla SUSE Bug 1205803 https://bugzilla.suse.com/1205803
Bugzilla SUSE Bug 1206878 https://bugzilla.suse.com/1206878
Bugzilla SUSE Bug 1207036 https://bugzilla.suse.com/1207036
Bugzilla SUSE Bug 1207125 https://bugzilla.suse.com/1207125
Bugzilla SUSE Bug 1207168 https://bugzilla.suse.com/1207168
Bugzilla SUSE Bug 1207795 https://bugzilla.suse.com/1207795
Bugzilla SUSE Bug 1208600 https://bugzilla.suse.com/1208600
Bugzilla SUSE Bug 1208777 https://bugzilla.suse.com/1208777
Bugzilla SUSE Bug 1208837 https://bugzilla.suse.com/1208837
Bugzilla SUSE Bug 1209008 https://bugzilla.suse.com/1209008
Bugzilla SUSE Bug 1209039 https://bugzilla.suse.com/1209039
Bugzilla SUSE Bug 1209052 https://bugzilla.suse.com/1209052
Bugzilla SUSE Bug 1209256 https://bugzilla.suse.com/1209256
Bugzilla SUSE Bug 1209287 https://bugzilla.suse.com/1209287
Bugzilla SUSE Bug 1209289 https://bugzilla.suse.com/1209289
Bugzilla SUSE Bug 1209291 https://bugzilla.suse.com/1209291
Bugzilla SUSE Bug 1209532 https://bugzilla.suse.com/1209532
Bugzilla SUSE Bug 1209549 https://bugzilla.suse.com/1209549
Bugzilla SUSE Bug 1209687 https://bugzilla.suse.com/1209687
Bugzilla SUSE Bug 1209871 https://bugzilla.suse.com/1209871
Bugzilla SUSE Bug 1210329 https://bugzilla.suse.com/1210329
Bugzilla SUSE Bug 1210336 https://bugzilla.suse.com/1210336
Bugzilla SUSE Bug 1210337 https://bugzilla.suse.com/1210337
Bugzilla SUSE Bug 1210498 https://bugzilla.suse.com/1210498
Bugzilla SUSE Bug 1210506 https://bugzilla.suse.com/1210506
Bugzilla SUSE Bug 1210647 https://bugzilla.suse.com/1210647
Bugzilla SUSE Bug 1210715 https://bugzilla.suse.com/1210715
Bugzilla SUSE Bug 1210940 https://bugzilla.suse.com/1210940
Bugzilla SUSE Bug 1211105 https://bugzilla.suse.com/1211105
Bugzilla SUSE Bug 1211186 https://bugzilla.suse.com/1211186
Bugzilla SUSE Bug 1211449 https://bugzilla.suse.com/1211449
Bugzilla SUSE Bug 1212128 https://bugzilla.suse.com/1212128
Bugzilla SUSE Bug 1212129 https://bugzilla.suse.com/1212129
Bugzilla SUSE Bug 1212154 https://bugzilla.suse.com/1212154
Bugzilla SUSE Bug 1212501 https://bugzilla.suse.com/1212501
Bugzilla SUSE Bug 1212842 https://bugzilla.suse.com/1212842
CVE SUSE CVE CVE-2017-5753 page https://www.suse.com/security/cve/CVE-2017-5753/
CVE SUSE CVE CVE-2018-20784 page https://www.suse.com/security/cve/CVE-2018-20784/
CVE SUSE CVE CVE-2022-3566 page https://www.suse.com/security/cve/CVE-2022-3566/
CVE SUSE CVE CVE-2022-45884 page https://www.suse.com/security/cve/CVE-2022-45884/
CVE SUSE CVE CVE-2022-45885 page https://www.suse.com/security/cve/CVE-2022-45885/
CVE SUSE CVE CVE-2022-45886 page https://www.suse.com/security/cve/CVE-2022-45886/
CVE SUSE CVE CVE-2022-45887 page https://www.suse.com/security/cve/CVE-2022-45887/
CVE SUSE CVE CVE-2022-45919 page https://www.suse.com/security/cve/CVE-2022-45919/
CVE SUSE CVE CVE-2023-0590 page https://www.suse.com/security/cve/CVE-2023-0590/
CVE SUSE CVE CVE-2023-1077 page https://www.suse.com/security/cve/CVE-2023-1077/
CVE SUSE CVE CVE-2023-1095 page https://www.suse.com/security/cve/CVE-2023-1095/
CVE SUSE CVE CVE-2023-1118 page https://www.suse.com/security/cve/CVE-2023-1118/
CVE SUSE CVE CVE-2023-1249 page https://www.suse.com/security/cve/CVE-2023-1249/
CVE SUSE CVE CVE-2023-1380 page https://www.suse.com/security/cve/CVE-2023-1380/
CVE SUSE CVE CVE-2023-1390 page https://www.suse.com/security/cve/CVE-2023-1390/
CVE SUSE CVE CVE-2023-1513 page https://www.suse.com/security/cve/CVE-2023-1513/
CVE SUSE CVE CVE-2023-1611 page https://www.suse.com/security/cve/CVE-2023-1611/
CVE SUSE CVE CVE-2023-1670 page https://www.suse.com/security/cve/CVE-2023-1670/
CVE SUSE CVE CVE-2023-1989 page https://www.suse.com/security/cve/CVE-2023-1989/
CVE SUSE CVE CVE-2023-1990 page https://www.suse.com/security/cve/CVE-2023-1990/
CVE SUSE CVE CVE-2023-1998 page https://www.suse.com/security/cve/CVE-2023-1998/
CVE SUSE CVE CVE-2023-2124 page https://www.suse.com/security/cve/CVE-2023-2124/
CVE SUSE CVE CVE-2023-2162 page https://www.suse.com/security/cve/CVE-2023-2162/
CVE SUSE CVE CVE-2023-2194 page https://www.suse.com/security/cve/CVE-2023-2194/
CVE SUSE CVE CVE-2023-23454 page https://www.suse.com/security/cve/CVE-2023-23454/
CVE SUSE CVE CVE-2023-23455 page https://www.suse.com/security/cve/CVE-2023-23455/
CVE SUSE CVE CVE-2023-2513 page https://www.suse.com/security/cve/CVE-2023-2513/
CVE SUSE CVE CVE-2023-28328 page https://www.suse.com/security/cve/CVE-2023-28328/
CVE SUSE CVE CVE-2023-28464 page https://www.suse.com/security/cve/CVE-2023-28464/
CVE SUSE CVE CVE-2023-28772 page https://www.suse.com/security/cve/CVE-2023-28772/
CVE SUSE CVE CVE-2023-30772 page https://www.suse.com/security/cve/CVE-2023-30772/
CVE SUSE CVE CVE-2023-3090 page https://www.suse.com/security/cve/CVE-2023-3090/
CVE SUSE CVE CVE-2023-3141 page https://www.suse.com/security/cve/CVE-2023-3141/
CVE SUSE CVE CVE-2023-31436 page https://www.suse.com/security/cve/CVE-2023-31436/
CVE SUSE CVE CVE-2023-3159 page https://www.suse.com/security/cve/CVE-2023-3159/
CVE SUSE CVE CVE-2023-3161 page https://www.suse.com/security/cve/CVE-2023-3161/
CVE SUSE CVE CVE-2023-32269 page https://www.suse.com/security/cve/CVE-2023-32269/
CVE SUSE CVE CVE-2023-35824 page https://www.suse.com/security/cve/CVE-2023-35824/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=2 suse kernel-syms < 4.4.121-92.205.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=2 suse kernel-source < 4.4.121-92.205.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=2 suse kernel-macros < 4.4.121-92.205.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=2 suse kernel-devel < 4.4.121-92.205.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=2 suse kernel-default < 4.4.121-92.205.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=2 suse kernel-default-devel < 4.4.121-92.205.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=2 suse kernel-default-base < 4.4.121-92.205.1 sles-12 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date