[SUSE-SU-2023:2834-1] Security update for the Linux Kernel

Severity Important

Affected Packages 32

CVEs 13

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).
CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub (ISH) driver (bsc#1212606).
CVE-2023-35828: Fixed a use-after-free flaw in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c (bsc#1212513).
CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).
CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210533).
CVE-2023-3268: Fixed an out of bounds (OOB) memory access flaw in relay_file_read_start_pos in the relayfs (bsc#1212502).
CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).
CVE-2023-35823: Fixed a use-after-free flaw in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c (bsc#1212494).
CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212504).
CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).
CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208600).

The following non-security bugs were fixed:

Drop dvb-core fix patch due to bug (bsc#1205758).
Fix missing top level chapter numbers on SLE12 SP5 (bsc#1212158).
fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).
google/gve:fix repeated words in comments (bsc#1211519).
gve: Adding a new AdminQ command to verify driver (bsc#1211519).
gve: Cache link_speed value from device (bsc#1211519).
gve: Fix GFP flags when allocing pages (bsc#1211519).
gve: Fix error return code in gve_prefill_rx_pages() (bsc#1211519).
gve: Fix spelling mistake 'droping' -> 'dropping' (bsc#1211519).
gve: Handle alternate miss completions (bsc#1211519).
gve: Reduce alloc and copy costs in the GQ rx path (bsc#1211519).
gve: Remove the code of clearing PBA bit (bsc#1211519).
gve: Secure enough bytes in the first TX desc for all TCP pkts (bsc#1211519).
gve: enhance no queue page list detection (bsc#1211519).
rpm/kernel-binary.spec.in: Fix compatibility wth newer rpm
rpm/kernel-docs.spec.in: pass PYTHON=python3 to fix build error (bsc#1160435)
x86/build: Avoid relocation information in final vmlinux (bsc#1187829).

Package	Affected Version
pkg:rpm/suse/reiserfs-kmp-default?arch=x86_64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/reiserfs-kmp-default?arch=s390x&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/reiserfs-kmp-default?arch=ppc64le&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/reiserfs-kmp-default?arch=aarch64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-preempt?arch=x86_64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-preempt?arch=aarch64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-preempt-devel?arch=x86_64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-preempt-devel?arch=aarch64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-obs-build?arch=x86_64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-obs-build?arch=s390x&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-obs-build?arch=ppc64le&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-obs-build?arch=aarch64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-docs?arch=noarch&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1.150200.9.77.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1.150200.9.77.1
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1.150200.9.77.1
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-15&sp=2	< 5.3.18-150200.24.157.1.150200.9.77.1

ID

SUSE-SU-2023:2834-1

Severity

important

URL

https://www.suse.com/support/update/announcement/2023/suse-su-20232834-1/

Published

2023-07-14T18:07:19
(14 months ago)

Modified

2023-07-14T18:07:19
(14 months ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2834-1.json
Suse	URL for SUSE-SU-2023:2834-1	https://www.suse.com/support/update/announcement/2023/suse-su-20232834-1/
Suse	E-Mail link for SUSE-SU-2023:2834-1	https://lists.suse.com/pipermail/sle-security-updates/2023-July/015496.html
Bugzilla	SUSE Bug 1160435	https://bugzilla.suse.com/1160435
Bugzilla	SUSE Bug 1187829	https://bugzilla.suse.com/1187829
Bugzilla	SUSE Bug 1205758	https://bugzilla.suse.com/1205758
Bugzilla	SUSE Bug 1208600	https://bugzilla.suse.com/1208600
Bugzilla	SUSE Bug 1209039	https://bugzilla.suse.com/1209039
Bugzilla	SUSE Bug 1210533	https://bugzilla.suse.com/1210533
Bugzilla	SUSE Bug 1211449	https://bugzilla.suse.com/1211449
Bugzilla	SUSE Bug 1211519	https://bugzilla.suse.com/1211519
Bugzilla	SUSE Bug 1212128	https://bugzilla.suse.com/1212128
Bugzilla	SUSE Bug 1212129	https://bugzilla.suse.com/1212129
Bugzilla	SUSE Bug 1212154	https://bugzilla.suse.com/1212154
Bugzilla	SUSE Bug 1212158	https://bugzilla.suse.com/1212158
Bugzilla	SUSE Bug 1212494	https://bugzilla.suse.com/1212494
Bugzilla	SUSE Bug 1212501	https://bugzilla.suse.com/1212501
Bugzilla	SUSE Bug 1212502	https://bugzilla.suse.com/1212502
Bugzilla	SUSE Bug 1212504	https://bugzilla.suse.com/1212504
Bugzilla	SUSE Bug 1212513	https://bugzilla.suse.com/1212513
Bugzilla	SUSE Bug 1212606	https://bugzilla.suse.com/1212606
Bugzilla	SUSE Bug 1212842	https://bugzilla.suse.com/1212842
CVE	SUSE CVE CVE-2023-1077 page	https://www.suse.com/security/cve/CVE-2023-1077/
CVE	SUSE CVE CVE-2023-1249 page	https://www.suse.com/security/cve/CVE-2023-1249/
CVE	SUSE CVE CVE-2023-2002 page	https://www.suse.com/security/cve/CVE-2023-2002/
CVE	SUSE CVE CVE-2023-3090 page	https://www.suse.com/security/cve/CVE-2023-3090/
CVE	SUSE CVE CVE-2023-3141 page	https://www.suse.com/security/cve/CVE-2023-3141/
CVE	SUSE CVE CVE-2023-3159 page	https://www.suse.com/security/cve/CVE-2023-3159/
CVE	SUSE CVE CVE-2023-3161 page	https://www.suse.com/security/cve/CVE-2023-3161/
CVE	SUSE CVE CVE-2023-3268 page	https://www.suse.com/security/cve/CVE-2023-3268/
CVE	SUSE CVE CVE-2023-3358 page	https://www.suse.com/security/cve/CVE-2023-3358/
CVE	SUSE CVE CVE-2023-35788 page	https://www.suse.com/security/cve/CVE-2023-35788/
CVE	SUSE CVE CVE-2023-35823 page	https://www.suse.com/security/cve/CVE-2023-35823/
CVE	SUSE CVE CVE-2023-35824 page	https://www.suse.com/security/cve/CVE-2023-35824/
CVE	SUSE CVE CVE-2023-35828 page	https://www.suse.com/security/cve/CVE-2023-35828/

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/suse/reiserfs-kmp-default?arch=x86_64&distro=sles-15&sp=2	suse	reiserfs-kmp-default	< 5.3.18-150200.24.157.1	sles-15	x86_64
Affected	pkg:rpm/suse/reiserfs-kmp-default?arch=s390x&distro=sles-15&sp=2	suse	reiserfs-kmp-default	< 5.3.18-150200.24.157.1	sles-15	s390x
Affected	pkg:rpm/suse/reiserfs-kmp-default?arch=ppc64le&distro=sles-15&sp=2	suse	reiserfs-kmp-default	< 5.3.18-150200.24.157.1	sles-15	ppc64le
Affected	pkg:rpm/suse/reiserfs-kmp-default?arch=aarch64&distro=sles-15&sp=2	suse	reiserfs-kmp-default	< 5.3.18-150200.24.157.1	sles-15	aarch64
Affected	pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-15&sp=2	suse	kernel-syms	< 5.3.18-150200.24.157.1	sles-15	x86_64
Affected	pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-15&sp=2	suse	kernel-syms	< 5.3.18-150200.24.157.1	sles-15	s390x
Affected	pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-15&sp=2	suse	kernel-syms	< 5.3.18-150200.24.157.1	sles-15	ppc64le
Affected	pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-15&sp=2	suse	kernel-syms	< 5.3.18-150200.24.157.1	sles-15	aarch64
Affected	pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-15&sp=2	suse	kernel-source	< 5.3.18-150200.24.157.1	sles-15	noarch
Affected	pkg:rpm/suse/kernel-preempt?arch=x86_64&distro=sles-15&sp=2	suse	kernel-preempt	< 5.3.18-150200.24.157.1	sles-15	x86_64
Affected	pkg:rpm/suse/kernel-preempt?arch=aarch64&distro=sles-15&sp=2	suse	kernel-preempt	< 5.3.18-150200.24.157.1	sles-15	aarch64
Affected	pkg:rpm/suse/kernel-preempt-devel?arch=x86_64&distro=sles-15&sp=2	suse	kernel-preempt-devel	< 5.3.18-150200.24.157.1	sles-15	x86_64
Affected	pkg:rpm/suse/kernel-preempt-devel?arch=aarch64&distro=sles-15&sp=2	suse	kernel-preempt-devel	< 5.3.18-150200.24.157.1	sles-15	aarch64
Affected	pkg:rpm/suse/kernel-obs-build?arch=x86_64&distro=sles-15&sp=2	suse	kernel-obs-build	< 5.3.18-150200.24.157.1	sles-15	x86_64
Affected	pkg:rpm/suse/kernel-obs-build?arch=s390x&distro=sles-15&sp=2	suse	kernel-obs-build	< 5.3.18-150200.24.157.1	sles-15	s390x
Affected	pkg:rpm/suse/kernel-obs-build?arch=ppc64le&distro=sles-15&sp=2	suse	kernel-obs-build	< 5.3.18-150200.24.157.1	sles-15	ppc64le
Affected	pkg:rpm/suse/kernel-obs-build?arch=aarch64&distro=sles-15&sp=2	suse	kernel-obs-build	< 5.3.18-150200.24.157.1	sles-15	aarch64
Affected	pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-15&sp=2	suse	kernel-macros	< 5.3.18-150200.24.157.1	sles-15	noarch
Affected	pkg:rpm/suse/kernel-docs?arch=noarch&distro=sles-15&sp=2	suse	kernel-docs	< 5.3.18-150200.24.157.1	sles-15	noarch
Affected	pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-15&sp=2	suse	kernel-devel	< 5.3.18-150200.24.157.1	sles-15	noarch
Affected	pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-15&sp=2	suse	kernel-default	< 5.3.18-150200.24.157.1	sles-15	x86_64
Affected	pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-15&sp=2	suse	kernel-default	< 5.3.18-150200.24.157.1	sles-15	s390x
Affected	pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-15&sp=2	suse	kernel-default	< 5.3.18-150200.24.157.1	sles-15	ppc64le
Affected	pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-15&sp=2	suse	kernel-default	< 5.3.18-150200.24.157.1	sles-15	aarch64
Affected	pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-15&sp=2	suse	kernel-default-devel	< 5.3.18-150200.24.157.1	sles-15	x86_64
Affected	pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-15&sp=2	suse	kernel-default-devel	< 5.3.18-150200.24.157.1	sles-15	s390x
Affected	pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-15&sp=2	suse	kernel-default-devel	< 5.3.18-150200.24.157.1	sles-15	ppc64le
Affected	pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-15&sp=2	suse	kernel-default-devel	< 5.3.18-150200.24.157.1	sles-15	aarch64
Affected	pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-15&sp=2	suse	kernel-default-base	< 5.3.18-150200.24.157.1.150200.9.77.1	sles-15	x86_64
Affected	pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-15&sp=2	suse	kernel-default-base	< 5.3.18-150200.24.157.1.150200.9.77.1	sles-15	s390x
Affected	pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-15&sp=2	suse	kernel-default-base	< 5.3.18-150200.24.157.1.150200.9.77.1	sles-15	ppc64le
Affected	pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-15&sp=2	suse	kernel-default-base	< 5.3.18-150200.24.157.1.150200.9.77.1	sles-15	aarch64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date