[SUSE-SU-2024:0117-1] Security update for the Linux Kernel

Severity Important
Affected Packages 20
CVEs 8

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft table is deleted (bsc#1202095).
  • CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted packet in the NVMe-oF/TCP subsystem (bsc#1217250).
  • CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
  • CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).
  • CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsystem when adding a new event (bsc#1214158 bsc#1218258).
  • CVE-2023-6932: Fixed a use-after-free issue when receiving an IGMP query packet due to reference count mismanagement (bsc#1218253).
  • CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the Bluetooth subsystem that would allow replay attacks (bsc#1179610 bsc#1215237).
  • CVE-2023-51779: Fixed a use-after-free issue due to a race condition during Bluetooth message reception (bsc#1218559).

The following non-security bugs were fixed:

  • Enabled the LLC counters for “perf” (perf stat) on the Ice-Lake and Rocket-Lake CPUs (jsc#PED-5023 bsc#1211439).
  • Reviewed and added more information to README.SUSE (jsc#PED-5021).
  • Enabled multibuild for kernel packages (JSC-SLE#5501, boo#1211226, bsc#1218184).
  • Fix termination state for idr_for_each_entry_ul() (bsc#1109837).
  • KVM: s390/mm: Properly reset no-dat (bsc#1218057).
  • KVM: s390: vsie: fix wrong VIR 37 when MSO is used (bsc#1217936).
  • PCI: Disable ATS for specific Intel IPU E2000 devices (bsc#1218622).
  • gve: Add XDP DROP and TX support for GQI-QPL format (bsc#1214479).
  • gve: Add XDP REDIRECT support for GQI-QPL format (bsc#1214479).
  • gve: Changes to add new TX queues (bsc#1214479).
  • gve: Control path for DQO-QPL (bsc#1214479).
  • gve: Do not fully free QPL pages on prefill errors (bsc#1214479).
  • gve: Fix gve interrupt names (bsc#1214479).
  • gve: Fixes for napi_poll when budget is 0 (bsc#1214479).
  • gve: RX path for DQO-QPL (bsc#1214479).
  • gve: Set default duplex configuration to full (bsc#1214479).
  • gve: Tx path for DQO-QPL (bsc#1214479).
  • gve: Unify duplicate GQ min pkt desc size constants (bsc#1214479).
  • gve: XDP support GQI-QPL: helper function changes (bsc#1214479).
  • gve: fix frag_list chaining (bsc#1214479).
  • gve: trivial spell fix Recive to Receive (bsc#1214479).
  • gve: unify driver name usage (bsc#1214479).
  • net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
  • net/tg3: resolve deadlock in tg3_reset_task() during EEH (bsc#1217801).
  • s390/vx: fix save/restore of fpu kernel context (bsc#1218362).
  • tracing: Fix a possible race when disabling buffered events (bsc#1217036).
  • tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
  • tracing: Fix incomplete locking when disabling buffered events (bsc#1217036).
  • tracing: Fix warning in trace_buffered_event_disable() (bsc#1217036).

| Package | Affected Version |
|---|---|
| pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |
| pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=5 | < 4.12.14-122.189.1 |

ID: SUSE-SU-2024:0117-1
Severity: important
URL: https://www.suse.com/support/update/announcement/2024/suse-su-20240117-1/
Published: 2024-01-16T12:31:25
Modified: 2024-01-16T12:31:25
Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories

| Source | Name | URL |
|---|---|---|
| Suse | SUSE ratings | https://www.suse.com/support/security/rating/ |
| Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0117-1.json |
| Suse | URL for SUSE-SU-2024:0117-1 | https://www.suse.com/support/update/announcement/2024/suse-su-20240117-1/ |
| Suse | E-Mail link for SUSE-SU-2024:0117-1 | https://lists.suse.com/pipermail/sle-security-updates/2024-January/017660.html |
| Bugzilla | SUSE Bug 1109837 | https://bugzilla.suse.com/1109837 |
| Bugzilla | SUSE Bug 1179610 | https://bugzilla.suse.com/1179610 |
| Bugzilla | SUSE Bug 1202095 | https://bugzilla.suse.com/1202095 |
| Bugzilla | SUSE Bug 1211226 | https://bugzilla.suse.com/1211226 |
| Bugzilla | SUSE Bug 1211439 | https://bugzilla.suse.com/1211439 |
| Bugzilla | SUSE Bug 1214158 | https://bugzilla.suse.com/1214158 |
| Bugzilla | SUSE Bug 1214479 | https://bugzilla.suse.com/1214479 |
| Bugzilla | SUSE Bug 1215237 | https://bugzilla.suse.com/1215237 |
| Bugzilla | SUSE Bug 1217036 | https://bugzilla.suse.com/1217036 |
| Bugzilla | SUSE Bug 1217250 | https://bugzilla.suse.com/1217250 |
| Bugzilla | SUSE Bug 1217801 | https://bugzilla.suse.com/1217801 |
| Bugzilla | SUSE Bug 1217936 | https://bugzilla.suse.com/1217936 |
| Bugzilla | SUSE Bug 1217946 | https://bugzilla.suse.com/1217946 |
| Bugzilla | SUSE Bug 1217947 | https://bugzilla.suse.com/1217947 |
| Bugzilla | SUSE Bug 1218057 | https://bugzilla.suse.com/1218057 |
| Bugzilla | SUSE Bug 1218184 | https://bugzilla.suse.com/1218184 |
| Bugzilla | SUSE Bug 1218253 | https://bugzilla.suse.com/1218253 |
| Bugzilla | SUSE Bug 1218258 | https://bugzilla.suse.com/1218258 |
| Bugzilla | SUSE Bug 1218362 | https://bugzilla.suse.com/1218362 |
| Bugzilla | SUSE Bug 1218559 | https://bugzilla.suse.com/1218559 |
| Bugzilla | SUSE Bug 1218622 | https://bugzilla.suse.com/1218622 |
| CVE | SUSE CVE CVE-2020-26555 page | https://www.suse.com/security/cve/CVE-2020-26555/ |
| CVE | SUSE CVE CVE-2022-2586 page | https://www.suse.com/security/cve/CVE-2022-2586/ |
| CVE | SUSE CVE CVE-2023-51779 page | https://www.suse.com/security/cve/CVE-2023-51779/ |
| CVE | SUSE CVE CVE-2023-6121 page | https://www.suse.com/security/cve/CVE-2023-6121/ |
| CVE | SUSE CVE CVE-2023-6606 page | https://www.suse.com/security/cve/CVE-2023-6606/ |
| CVE | SUSE CVE CVE-2023-6610 page | https://www.suse.com/security/cve/CVE-2023-6610/ |
| CVE | SUSE CVE CVE-2023-6931 page | https://www.suse.com/security/cve/CVE-2023-6931/ |
| CVE | SUSE CVE CVE-2023-6932 page | https://www.suse.com/security/cve/CVE-2023-6932/ |

| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch |
|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-syms | < 4.12.14-122.189.1 | sles-12 | x86_64 |
| Affected | pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=5 | suse | kernel-syms | < 4.12.14-122.189.1 | sles-12 | s390x |
| Affected | pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=5 | suse | kernel-syms | < 4.12.14-122.189.1 | sles-12 | ppc64le |
| Affected | pkg:rpm/suse/kernel-syms?arch=aarch64&distro=sles-12&sp=5 | suse | kernel-syms | < 4.12.14-122.189.1 | sles-12 | aarch64 |
| Affected | pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=5 | suse | kernel-source | < 4.12.14-122.189.1 | sles-12 | noarch |
| Affected | pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=5 | suse | kernel-macros | < 4.12.14-122.189.1 | sles-12 | noarch |
| Affected | pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=5 | suse | kernel-devel | < 4.12.14-122.189.1 | sles-12 | noarch |
| Affected | pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-default | < 4.12.14-122.189.1 | sles-12 | x86_64 |
| Affected | pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=5 | suse | kernel-default | < 4.12.14-122.189.1 | sles-12 | s390x |
| Affected | pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=5 | suse | kernel-default | < 4.12.14-122.189.1 | sles-12 | ppc64le |
| Affected | pkg:rpm/suse/kernel-default?arch=aarch64&distro=sles-12&sp=5 | suse | kernel-default | < 4.12.14-122.189.1 | sles-12 | aarch64 |
| Affected | pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=5 | suse | kernel-default-man | < 4.12.14-122.189.1 | sles-12 | s390x |
| Affected | pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-default-devel | < 4.12.14-122.189.1 | sles-12 | x86_64 |
| Affected | pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=5 | suse | kernel-default-devel | < 4.12.14-122.189.1 | sles-12 | s390x |
| Affected | pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=5 | suse | kernel-default-devel | < 4.12.14-122.189.1 | sles-12 | ppc64le |
| Affected | pkg:rpm/suse/kernel-default-devel?arch=aarch64&distro=sles-12&sp=5 | suse | kernel-default-devel | < 4.12.14-122.189.1 | sles-12 | aarch64 |
| Affected | pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=5 | suse | kernel-default-base | < 4.12.14-122.189.1 | sles-12 | x86_64 |
| Affected | pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=5 | suse | kernel-default-base | < 4.12.14-122.189.1 | sles-12 | s390x |
| Affected | pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=5 | suse | kernel-default-base | < 4.12.14-122.189.1 | sles-12 | ppc64le |
| Affected | pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=sles-12&sp=5 | suse | kernel-default-base | < 4.12.14-122.189.1 | sles-12 | aarch64 |