[SUSE-SU-2023:2810-1] Security update for the Linux Kernel

Severity Important
Affected Packages 1
CVEs 13

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

  • CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).
  • CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub (ISH) driver (bsc#1212606).
  • CVE-2023-35828: Fixed a use-after-free flaw in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c (bsc#1212513).
  • CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).
  • CVE-2023-2002: Fixed a flaw that allowed an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210533).
  • CVE-2023-3268: Fixed an out of bounds (OOB) memory access flaw in relay_file_read_start_pos in kernel/relay.c (bsc#1212502).
  • CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).
  • CVE-2023-35823: Fixed a use-after-free flaw in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c (bsc#1212494).
  • CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212504).
  • CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
  • CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
  • CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).
  • CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208600).

The following non-security bugs were fixed:

  • Drivers: hv: vmbus: Optimize vmbus_on_event (bsc#1211622).
  • Drivers: vmbus: Check for channel allocation before looking up relids (git-fixes).
  • Drop dvb-core fix patch due to bug (bsc#1205758).
  • Fix missing top level chapter numbers on SLE12 SP5 (bsc#1212158).
  • Fix usrmerge error (boo#1211796)
  • Remove obsolete KMP obsoletes (bsc#1210469).
  • Replace mkinitrd dependency with dracut (bsc#1202353). Also update mkinitrd references in documentation and comments.
  • cifs: do not include page data when checking signature (bsc#1200217).
  • cifs: fix negotiate context parsing (bsc#1210301).
  • cifs: fix open leaks in open_cached_dir() (bsc#1209342).
  • google/gve:fix repeated words in comments (bsc#1211519).
  • gve: Adding a new AdminQ command to verify driver (bsc#1211519).
  • gve: Cache link_speed value from device (bsc#1211519).
  • gve: Fix GFP flags when allocing pages (bsc#1211519).
  • gve: Fix error return code in gve_prefill_rx_pages() (bsc#1211519).
  • gve: Fix spelling mistake 'droping' -> 'dropping' (bsc#1211519).
  • gve: Handle alternate miss completions (bsc#1211519).
  • gve: Reduce alloc and copy costs in the GQ rx path (bsc#1211519).
  • gve: Remove the code of clearing PBA bit (bsc#1211519).
  • gve: Secure enough bytes in the first TX desc for all TCP pkts (bsc#1211519).
  • gve: enhance no queue page list detection (bsc#1211519).
  • ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).
  • k-m-s: Drop Linux 2.6 support
  • kernel-binary: install expoline.o (boo#1210791 bsc#1211089)
  • keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
  • rpm/kernel-binary.spec.in: Add Provides of kernel-preempt (jsc#SLE-18857) For smooth migration with the former kernel-preempt user, kernel-default provides kernel-preempt now when CONFIG_PREEMPT_DYNAMIC is defined.
  • rpm/kernel-binary.spec.in: Fix compatibility with newer rpm
  • rpm/kernel-binary.spec.in: Fix missing kernel-preempt-devel and KMP Provides (bsc#1199046)
  • rpm/kernel-docs.spec.in: pass PYTHON=python3 to fix build error (bsc#1160435)
  • s390,dcssblk,dax: Add dax zero_page_range operation to dcssblk driver (bsc#1199636).
  • sunrpc: Ensure the transport backchannel association (bsc#1211203).
  • usrmerge: Compatibility with earlier rpm (boo#1211796)
  • vmxnet3: use gro callback when UPT is enabled (bsc#1209739).
  • x86/build: Avoid relocation information in final vmlinux (bsc#1187829).
Package Affected Version
pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 < 5.3.18-150300.135.1

ID SUSE-SU-2023:2810-1
Severity important
URL https://www.suse.com/support/update/announcement/2023/suse-su-20232810-1/
Published 2023-07-12T09:34:43
Modified 2023-07-12T09:34:43
Rights Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2810-1.json
Suse URL for SUSE-SU-2023:2810-1 https://www.suse.com/support/update/announcement/2023/suse-su-20232810-1/
Suse E-Mail link for SUSE-SU-2023:2810-1 https://lists.suse.com/pipermail/sle-updates/2023-July/030273.html
Bugzilla SUSE Bug 1160435 https://bugzilla.suse.com/1160435
Bugzilla SUSE Bug 1172073 https://bugzilla.suse.com/1172073
Bugzilla SUSE Bug 1187829 https://bugzilla.suse.com/1187829
Bugzilla SUSE Bug 1191731 https://bugzilla.suse.com/1191731
Bugzilla SUSE Bug 1199046 https://bugzilla.suse.com/1199046
Bugzilla SUSE Bug 1199636 https://bugzilla.suse.com/1199636
Bugzilla SUSE Bug 1200217 https://bugzilla.suse.com/1200217
Bugzilla SUSE Bug 1202353 https://bugzilla.suse.com/1202353
Bugzilla SUSE Bug 1205758 https://bugzilla.suse.com/1205758
Bugzilla SUSE Bug 1207088 https://bugzilla.suse.com/1207088
Bugzilla SUSE Bug 1208600 https://bugzilla.suse.com/1208600
Bugzilla SUSE Bug 1209039 https://bugzilla.suse.com/1209039
Bugzilla SUSE Bug 1209342 https://bugzilla.suse.com/1209342
Bugzilla SUSE Bug 1209739 https://bugzilla.suse.com/1209739
Bugzilla SUSE Bug 1210301 https://bugzilla.suse.com/1210301
Bugzilla SUSE Bug 1210469 https://bugzilla.suse.com/1210469
Bugzilla SUSE Bug 1210533 https://bugzilla.suse.com/1210533
Bugzilla SUSE Bug 1210791 https://bugzilla.suse.com/1210791
Bugzilla SUSE Bug 1211089 https://bugzilla.suse.com/1211089
Bugzilla SUSE Bug 1211203 https://bugzilla.suse.com/1211203
Bugzilla SUSE Bug 1211519 https://bugzilla.suse.com/1211519
Bugzilla SUSE Bug 1211592 https://bugzilla.suse.com/1211592
Bugzilla SUSE Bug 1211622 https://bugzilla.suse.com/1211622
Bugzilla SUSE Bug 1211796 https://bugzilla.suse.com/1211796
Bugzilla SUSE Bug 1212128 https://bugzilla.suse.com/1212128
Bugzilla SUSE Bug 1212129 https://bugzilla.suse.com/1212129
Bugzilla SUSE Bug 1212154 https://bugzilla.suse.com/1212154
Bugzilla SUSE Bug 1212158 https://bugzilla.suse.com/1212158
Bugzilla SUSE Bug 1212494 https://bugzilla.suse.com/1212494
Bugzilla SUSE Bug 1212501 https://bugzilla.suse.com/1212501
Bugzilla SUSE Bug 1212502 https://bugzilla.suse.com/1212502
Bugzilla SUSE Bug 1212504 https://bugzilla.suse.com/1212504
Bugzilla SUSE Bug 1212513 https://bugzilla.suse.com/1212513
Bugzilla SUSE Bug 1212606 https://bugzilla.suse.com/1212606
Bugzilla SUSE Bug 1212842 https://bugzilla.suse.com/1212842
CVE SUSE CVE CVE-2023-1077 page https://www.suse.com/security/cve/CVE-2023-1077/
CVE SUSE CVE CVE-2023-1249 page https://www.suse.com/security/cve/CVE-2023-1249/
CVE SUSE CVE CVE-2023-2002 page https://www.suse.com/security/cve/CVE-2023-2002/
CVE SUSE CVE CVE-2023-3090 page https://www.suse.com/security/cve/CVE-2023-3090/
CVE SUSE CVE CVE-2023-3141 page https://www.suse.com/security/cve/CVE-2023-3141/
CVE SUSE CVE CVE-2023-3159 page https://www.suse.com/security/cve/CVE-2023-3159/
CVE SUSE CVE CVE-2023-3161 page https://www.suse.com/security/cve/CVE-2023-3161/
CVE SUSE CVE CVE-2023-3268 page https://www.suse.com/security/cve/CVE-2023-3268/
CVE SUSE CVE CVE-2023-3358 page https://www.suse.com/security/cve/CVE-2023-3358/
CVE SUSE CVE CVE-2023-35788 page https://www.suse.com/security/cve/CVE-2023-35788/
CVE SUSE CVE CVE-2023-35823 page https://www.suse.com/security/cve/CVE-2023-35823/
CVE SUSE CVE CVE-2023-35824 page https://www.suse.com/security/cve/CVE-2023-35824/
CVE SUSE CVE CVE-2023-35828 page https://www.suse.com/security/cve/CVE-2023-35828/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kernel-rt?arch=x86_64&distro=slem-5 suse kernel-rt < 5.3.18-150300.135.1 slem-5 x86_64