[SUSE-SU-2023:4349-1] Security update for the Linux Kernel
Severity
Important
Affected Packages
20
CVEs
4
Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS. (bsc#1210778)
- CVE-2023-45862: Fixed an issue in the ENE UB6250 reader driver whwere an object could potentially extend beyond the end of an allocation causing. (bsc#1216051)
- CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745).
- CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. (bsc#1216046)
The following non-security bugs were fixed:
- 9p: virtio: make sure 'offs' is initialized in zc_request (git-fixes).
- audit: fix potential double free on error path from fsnotify_add_inode_mark (git-fixes).
- CKC: Clarify usage
- crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() (git-fixes).
- iommu/amd: Fix IOMMU interrupt generation in X2APIC mode (bsc#1206010).
- iommu/amd: Remove useless irq affinity notifier (bsc#1206010).
- iommu/amd: Set iommu->int_enabled consistently when interrupts are set up (bsc#1206010).
- kabi: iommu/amd: Fix IOMMU interrupt generation in X2APIC mode (bsc#1206010).
- KVM: s390: fix sthyi error handling (git-fixes bsc#1216107).
- memcg: drop kmem.limit_in_bytes (bsc#1208788)
- mm, memcg: reconsider kmem.limit_in_bytes deprecation (bsc#1208788 bsc#1213705).
- net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read (git-fixes).
- net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (git-fixes).
- ratelimit: Fix data-races in ___ratelimit() (git-fixes).
- ring-buffer: Fix bytes info in per_cpu buffer stats (git-fixes).
- s390/pci: fix iommu bitmap allocation (git-fixes bsc#1216513).
- s390/ptrace: fix setting syscall number (git-fixes bsc#1216340).
- s390/vdso: add missing FORCE to build targets (git-fixes bsc#1216140).
- s390/zcrypt: change reply buffer size offering (LTC#203322 bsc#1213950).
- s390/zcrypt: fix reply buffer calculations for CCA replies (LTC#203322 bsc#1213950).
- sched: Avoid scale real weight down to zero (git fixes (sched)).
- sched: correct SD_flags returned by tl->sd_flags() (git fixes (sched)).
- sched: Reenable interrupts in do_sched_yield() (git fixes (sched)).
- sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() (git fixes (sched)).
- sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() (git fixes (sched)).
- sched/fair: Do not balance task to its current running CPU (git fixes (sched)).
- sched/rt: Minimize rq->lock contention in do_sched_rt_period_timer() (git fixes (sched)).
- sched/rt: Restore rt_runtime after disabling RT_RUNTIME_SHARE (git fixes (sched)).
- scsi: zfcp: Defer fc_rport blocking until after ADISC response (LTC#203327 bsc#1213977 git-fixes).
- scsi: zfcp: Fix a double put in zfcp_port_enqueue() (git-fixes bsc#1216514).
- tools/thermal: Fix possible path truncations (git-fixes).
- tracing: Fix cpu buffers unavailable due to 'record_disabled' missed (git-fixes).
- tracing: Fix memleak due to race between current_tracer and trace (git-fixes).
- tracing: Fix race issue between cpu buffer write and swap (git-fixes).
- uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2 (git-fixes).
- usb: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).
- usb: typec: altmodes/displayport: Fix configure initial pin assignment (git-fixes).
- usb: typec: altmodes/displayport: fix pin_assignment_show (git-fixes).
- use optional first argument as a base-ref instead of upstream branch
- vhost-scsi: unbreak any layout for response (git-fixes).
- virtio_balloon: fix deadlock on OOM (git-fixes).
- virtio_balloon: fix increment of vb->num_pfns in fill_balloon() (git-fixes).
- virtio_net: Fix error unwinding of XDP initialization (git-fixes).
- virtio: Protect vqs list access (git-fixes).
- vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() (git-fixes).
- xen-netback: use default TX queue size for vifs (git-fixes).
- xen/x86: obtain full video frame buffer address for Dom0 also under EFI (bsc#1215743).
- xen/x86: obtain upper 32 bits of video frame buffer address for Dom0 (bsc#1215743).
- ID
- SUSE-SU-2023:4349-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20234349-1/
- Published
-
2023-11-02T14:40:35
(10 months ago) - Modified
-
2023-11-02T14:40:35
(10 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2023-1701
- ALAS-2023-1883
- ALAS2-2023-1987
- ALAS2-2023-2328
- ALSA-2024:3138
- DSA-5594-1
- ELSA-2023-13019
- ELSA-2024-2394
- ELSA-2024-3138
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:3138
- SSA:2023-325-01
- SUSE-SU-2023:4343-1
- SUSE-SU-2023:4345-1
- SUSE-SU-2023:4346-1
- SUSE-SU-2023:4347-1
- SUSE-SU-2023:4348-1
- SUSE-SU-2023:4351-1
- SUSE-SU-2023:4358-1
- SUSE-SU-2023:4359-1
- SUSE-SU-2023:4375-1
- SUSE-SU-2023:4377-1
- SUSE-SU-2023:4378-1
- SUSE-SU-2023:4414-1
- SUSE-SU-2024:0112-1
- USN-6461-1
- USN-6494-1
- USN-6494-2
- USN-6495-1
- USN-6495-2
- USN-6496-1
- USN-6496-2
- USN-6502-1
- USN-6502-2
- USN-6502-3
- USN-6502-4
- USN-6503-1
- USN-6516-1
- USN-6520-1
- USN-6532-1
- USN-6534-1
- USN-6534-2
- USN-6534-3
- USN-6536-1
- USN-6537-1
- USN-6548-1
- USN-6548-2
- USN-6548-3
- USN-6548-4
- USN-6548-5
- USN-6549-1
- USN-6549-2
- USN-6549-3
- USN-6549-4
- USN-6549-5
- USN-6572-1
- USN-6573-1
- USN-6624-1
- USN-6625-1
- USN-6625-2
- USN-6625-3
- USN-6626-1
- USN-6626-2
- USN-6626-3
- USN-6628-1
- USN-6628-2
- USN-6635-1
- USN-6652-1
- XSA-441
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-syms | < 4.12.14-122.183.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=5 | suse | kernel-syms | < 4.12.14-122.183.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=5 | suse | kernel-syms | < 4.12.14-122.183.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=5 | suse | kernel-syms | < 4.12.14-122.183.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=5 | suse | kernel-source | < 4.12.14-122.183.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=5 | suse | kernel-macros | < 4.12.14-122.183.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=5 | suse | kernel-devel | < 4.12.14-122.183.1 | sles-12 | noarch | |
Affected | pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-default | < 4.12.14-122.183.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=5 | suse | kernel-default | < 4.12.14-122.183.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=5 | suse | kernel-default | < 4.12.14-122.183.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=5 | suse | kernel-default | < 4.12.14-122.183.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=5 | suse | kernel-default-man | < 4.12.14-122.183.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-default-devel | < 4.12.14-122.183.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=5 | suse | kernel-default-devel | < 4.12.14-122.183.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=5 | suse | kernel-default-devel | < 4.12.14-122.183.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=5 | suse | kernel-default-devel | < 4.12.14-122.183.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-default-base | < 4.12.14-122.183.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=5 | suse | kernel-default-base | < 4.12.14-122.183.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=5 | suse | kernel-default-base | < 4.12.14-122.183.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=5 | suse | kernel-default-base | < 4.12.14-122.183.1 | sles-12 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |