[SUSE-SU-2023:4349-1] Security update for the Linux Kernel

Severity Important
Affected Packages 20
CVEs 4

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

  • CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS. (bsc#1210778)
  • CVE-2023-45862: Fixed an issue in the ENE UB6250 reader driver where an object could potentially extend beyond the end of an allocation causing. (bsc#1216051)
  • CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745)
  • CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. (bsc#1216046)

The following non-security bugs were fixed:

  • 9p: virtio: make sure 'offs' is initialized in zc_request (git-fixes).
  • audit: fix potential double free on error path from fsnotify_add_inode_mark (git-fixes).
  • CKC: Clarify usage
  • crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() (git-fixes).
  • iommu/amd: Fix IOMMU interrupt generation in X2APIC mode (bsc#1206010).
  • iommu/amd: Remove useless irq affinity notifier (bsc#1206010).
  • iommu/amd: Set iommu->int_enabled consistently when interrupts are set up (bsc#1206010).
  • kabi: iommu/amd: Fix IOMMU interrupt generation in X2APIC mode (bsc#1206010).
  • KVM: s390: fix sthyi error handling (git-fixes bsc#1216107).
  • memcg: drop kmem.limit_in_bytes (bsc#1208788)
  • mm, memcg: reconsider kmem.limit_in_bytes deprecation (bsc#1208788 bsc#1213705).
  • net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read (git-fixes).
  • net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (git-fixes).
  • ratelimit: Fix data-races in ___ratelimit() (git-fixes).
  • ring-buffer: Fix bytes info in per_cpu buffer stats (git-fixes).
  • s390/pci: fix iommu bitmap allocation (git-fixes bsc#1216513).
  • s390/ptrace: fix setting syscall number (git-fixes bsc#1216340).
  • s390/vdso: add missing FORCE to build targets (git-fixes bsc#1216140).
  • s390/zcrypt: change reply buffer size offering (LTC#203322 bsc#1213950).
  • s390/zcrypt: fix reply buffer calculations for CCA replies (LTC#203322 bsc#1213950).
  • sched: Avoid scale real weight down to zero (git fixes (sched)).
  • sched: correct SD_flags returned by tl->sd_flags() (git fixes (sched)).
  • sched: Reenable interrupts in do_sched_yield() (git fixes (sched)).
  • sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() (git fixes (sched)).
  • sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() (git fixes (sched)).
  • sched/fair: Do not balance task to its current running CPU (git fixes (sched)).
  • sched/rt: Minimize rq->lock contention in do_sched_rt_period_timer() (git fixes (sched)).
  • sched/rt: Restore rt_runtime after disabling RT_RUNTIME_SHARE (git fixes (sched)).
  • scsi: zfcp: Defer fc_rport blocking until after ADISC response (LTC#203327 bsc#1213977 git-fixes).
  • scsi: zfcp: Fix a double put in zfcp_port_enqueue() (git-fixes bsc#1216514).
  • tools/thermal: Fix possible path truncations (git-fixes).
  • tracing: Fix cpu buffers unavailable due to 'record_disabled' missed (git-fixes).
  • tracing: Fix memleak due to race between current_tracer and trace (git-fixes).
  • tracing: Fix race issue between cpu buffer write and swap (git-fixes).
  • uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2 (git-fixes).
  • usb: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (git-fixes).
  • usb: typec: altmodes/displayport: Fix configure initial pin assignment (git-fixes).
  • usb: typec: altmodes/displayport: fix pin_assignment_show (git-fixes).
  • use optional first argument as a base-ref instead of upstream branch
  • vhost-scsi: unbreak any layout for response (git-fixes).
  • virtio_balloon: fix deadlock on OOM (git-fixes).
  • virtio_balloon: fix increment of vb->num_pfns in fill_balloon() (git-fixes).
  • virtio_net: Fix error unwinding of XDP initialization (git-fixes).
  • virtio: Protect vqs list access (git-fixes).
  • vsock/virtio: add transport parameter to the virtio_transport_reset_no_sock() (git-fixes).
  • xen-netback: use default TX queue size for vifs (git-fixes).
  • xen/x86: obtain full video frame buffer address for Dom0 also under EFI (bsc#1215743).
  • xen/x86: obtain upper 32 bits of video frame buffer address for Dom0 (bsc#1215743).

| Package | Affected Version |
|---|---|
| pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |
| pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=5 | < 4.12.14-122.183.1 |

| Source | Name | URL |
|---|---|---|
| SUSE | SUSE ratings | https://www.suse.com/support/security/rating/ |
| SUSE | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4349-1.json |
| SUSE | URL for SUSE-SU-2023:4349-1 | https://www.suse.com/support/update/announcement/2023/suse-su-20234349-1/ |
| SUSE | E-Mail link for SUSE-SU-2023:4349-1 | https://lists.suse.com/pipermail/sle-updates/2023-November/032576.html |
| Bugzilla | SUSE Bug 1206010 | https://bugzilla.suse.com/1206010 |
| Bugzilla | SUSE Bug 1208788 | https://bugzilla.suse.com/1208788 |
| Bugzilla | SUSE Bug 1210778 | https://bugzilla.suse.com/1210778 |
| Bugzilla | SUSE Bug 1213705 | https://bugzilla.suse.com/1213705 |
| Bugzilla | SUSE Bug 1213950 | https://bugzilla.suse.com/1213950 |
| Bugzilla | SUSE Bug 1213977 | https://bugzilla.suse.com/1213977 |
| Bugzilla | SUSE Bug 1215743 | https://bugzilla.suse.com/1215743 |
| Bugzilla | SUSE Bug 1215745 | https://bugzilla.suse.com/1215745 |
| Bugzilla | SUSE Bug 1216046 | https://bugzilla.suse.com/1216046 |
| Bugzilla | SUSE Bug 1216051 | https://bugzilla.suse.com/1216051 |
| Bugzilla | SUSE Bug 1216107 | https://bugzilla.suse.com/1216107 |
| Bugzilla | SUSE Bug 1216140 | https://bugzilla.suse.com/1216140 |
| Bugzilla | SUSE Bug 1216340 | https://bugzilla.suse.com/1216340 |
| Bugzilla | SUSE Bug 1216513 | https://bugzilla.suse.com/1216513 |
| Bugzilla | SUSE Bug 1216514 | https://bugzilla.suse.com/1216514 |
| CVE | SUSE CVE CVE-2023-31085 page | https://www.suse.com/security/cve/CVE-2023-31085/ |
| CVE | SUSE CVE CVE-2023-34324 page | https://www.suse.com/security/cve/CVE-2023-34324/ |
| CVE | SUSE CVE CVE-2023-39189 page | https://www.suse.com/security/cve/CVE-2023-39189/ |
| CVE | SUSE CVE CVE-2023-45862 page | https://www.suse.com/security/cve/CVE-2023-45862/ |